Vulnerability Description
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrated the potential for XSS and arbitrary script source code disclosure in the latest version of mod_security2. This issue is fixed in version 2.9.12.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Owasp | Modsecurity | >= 2.0.0, < 2.9.12 |
Related Weaknesses (CWE)
References
- https://github.com/owasp-modsecurity/ModSecurity/commit/6d7e8eb18f2d7d368fb8e295Patch
- https://github.com/owasp-modsecurity/ModSecurity/issues/2514ExploitIssue Tracking
- https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-cg44-9ExploitVendor Advisory
- https://lists.debian.org/debian-lts-announce/2025/09/msg00008.html
- https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-cg44-9ExploitVendor Advisory
FAQ
What is CVE-2025-54571?
CVE-2025-54571 is a vulnerability with a CVSS score of 6.1 (MEDIUM). ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, ...
How severe is CVE-2025-54571?
CVE-2025-54571 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-54571?
Check the references section above for vendor advisories and patch information. Affected products include: Owasp Modsecurity.