Apache HTTP Server
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*
- < 2.4.66
A vulnerability exists in Apache HTTP Server 2.4.65 and earlier (fixed in 2.4.66) when Server Side Includes (SSI) are enabled and CGI execution is provided by mod_cgid rather than mod_cgi. In this configuration the server improperly passes the shell-escaped query string through to #exec cmd="..." directives, so request-controlled data reaches the command that the directive runs and may lead to unintended command execution. Note that mod_cgid, not mod_cgi, is the module normally used with the threaded MPMs (event and worker), so this combination is common on default Unix installs that enable SSI.
An attacker who can send requests to an SSI page containing an #exec cmd directive could therefore inject a shell-escaped query string into the executed command, potentially leading to command execution on the server with the privileges of the httpd child process.
The conditions needed to reproduce the issue are: Apache HTTP Server 2.4.65 or earlier; SSI enabled for a location (mod_include loaded, the INCLUDES output filter applied, and Options Includes rather than IncludesNOEXEC, since IncludesNOEXEC disables #exec); a page in that location using #exec cmd="..."; and mod_cgid loaded while mod_cgi is not. A request to that page with a crafted query string is then passed into the command execution context. No specific payload is given here.
Users are advised to upgrade to Apache HTTP Server version 2.4.66 or later, which addresses this vulnerability. Where an immediate upgrade is not possible, setting IncludesNOEXEC instead of Includes (which disables #exec in SSI pages) or removing #exec cmd directives from served content reduces exposure, since the issue is only reachable through that directive.
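As an added example (not part of this advisory or of the httpd project), the following POSIX shell script checks a host for the preconditions described above using the text of httpd -v, httpd -M and the server configuration: a version older than 2.4.66, mod_include and mod_cgid loaded, mod_cgi not loaded, and an Options line that grants Includes without NOEXEC. The binary name httpd (apache2 on Debian-derived systems), the config path and the sample outputs embedded below are assumptions or constructed data; the Options check is a heuristic over a single file, and the script does not exercise #exec cmd itself.

```sh
#!/bin/sh
# Added example: flag the preconditions for the SSI + mod_cgid issue from
# text already on the host. Nothing here sends a request or runs a command
# through #exec; it only reports whether the described combination is present.

# 0 if version "$1" (e.g. 2.4.65) is older than 2.4.66, 1 otherwise.
version_is_affected() {
    printf '%s\n' "$1" | awk -F. '{
        maj = $1 + 0; min = $2 + 0; pat = $3 + 0
        if (maj < 2 || (maj == 2 && min < 4) || (maj == 2 && min == 4 && pat < 66)) exit 0
        exit 1
    }'
}

# Print "2.4.65" from `httpd -v` output passed as "$1"; prints nothing if absent.
parse_version() {
    printf '%s\n' "$1" | sed -n 's/^Server version: Apache\/\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# 0 if module "$2" (e.g. cgid_module) appears in `httpd -M` output "$1".
# The trailing space keeps "cgi_module" from matching "cgid_module".
module_loaded() {
    printf '%s\n' "$1" | grep -q "^[[:space:]]*$2 "
}

# 0 if config text "$1" has an Options line granting Includes (not IncludesNOEXEC).
# Heuristic: the word must end right after "Includes", so IncludesNOEXEC is skipped.
ssi_exec_allowed() {
    printf '%s\n' "$1" | grep -Eiq '^[[:space:]]*Options[[:space:]].*Includes([[:space:]]|$)'
}

# Prints one of: affected, not-affected:version, not-affected:modules,
# not-affected:ssi, unknown:version. Returns 0 only when all conditions hold.
assess_httpd() {
    ver=$(parse_version "$1")
    [ -n "$ver" ] || { echo "unknown:version"; return 1; }
    version_is_affected "$ver" || { echo "not-affected:version"; return 1; }
    if module_loaded "$2" include_module && module_loaded "$2" cgid_module \
        && ! module_loaded "$2" cgi_module; then
        :
    else
        echo "not-affected:modules"; return 1
    fi
    ssi_exec_allowed "$3" || { echo "not-affected:ssi"; return 1; }
    echo "affected"
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_V_OLD='Server version: Apache/2.4.65 (Unix)
Server built:   Jul 10 2025 00:00:00'
SAMPLE_V_NEW='Server version: Apache/2.4.66 (Unix)'
SAMPLE_M_CGID='Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_event_module (shared)
 include_module (shared)
 cgid_module (shared)'
SAMPLE_M_CGI='Loaded Modules:
 core_module (static)
 mpm_prefork_module (shared)
 include_module (shared)
 cgi_module (shared)'
SAMPLE_CONF_EXEC='<Directory "/var/www/html">
    Options Indexes FollowSymLinks Includes
    AddOutputFilter INCLUDES .shtml
</Directory>'
SAMPLE_CONF_NOEXEC='<Directory "/var/www/html">
    Options Indexes FollowSymLinks IncludesNOEXEC
    AddOutputFilter INCLUDES .shtml
</Directory>'

# Demonstration on the constructed samples.
echo "sample (2.4.65, cgid, Includes):      $(assess_httpd "$SAMPLE_V_OLD" "$SAMPLE_M_CGID" "$SAMPLE_CONF_EXEC")"
echo "sample (2.4.66, cgid, Includes):      $(assess_httpd "$SAMPLE_V_NEW" "$SAMPLE_M_CGID" "$SAMPLE_CONF_EXEC")"
echo "sample (2.4.65, cgi, Includes):       $(assess_httpd "$SAMPLE_V_OLD" "$SAMPLE_M_CGI" "$SAMPLE_CONF_EXEC")"
echo "sample (2.4.65, cgid, IncludesNOEXEC): $(assess_httpd "$SAMPLE_V_OLD" "$SAMPLE_M_CGID" "$SAMPLE_CONF_NOEXEC")"

# Live check, only when an httpd binary is on PATH (binary name and config
# path are assumptions; adjust for apache2 / apache2ctl on Debian-derived systems).
HTTPD_CONF=${HTTPD_CONF:-/etc/httpd/conf/httpd.conf}
if command -v httpd >/dev/null 2>&1; then
    echo "this host: $(assess_httpd "$(httpd -v 2>/dev/null)" "$(httpd -M 2>/dev/null)" "$(cat "$HTTPD_CONF" 2>/dev/null)")"
fi
```

The live check reads only one configuration file, so Options set in included files, .htaccess, or vhost fragments are not seen; treat "not-affected:ssi" from the live check as a prompt to inspect those files, not as a clean result.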