Platform
nginx
Component
nginx
Fixed in
0.27.1
CVE-2025-66570 is an untrusted-header manipulation flaw in cpp-httplib, a header-only C++ HTTP library, affecting releases up to 0.27.0 and fixed in 0.27.1. Despite the nginx label on this entry, the version numbers, file and function names cited here belong to cpp-httplib; the software that is actually affected is any server or tool that embeds that library. A client can send request headers named REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR or LOCAL_PORT, names the library reserves for the connection metadata it adds itself. Because affected versions do not strip the client-supplied copies before appending their own, application code that reads these headers can receive attacker-chosen values, which corrupts logging and any authorization that keys on the peer address. The direct impact is that an attacker can falsify the client address and port the application believes it is talking to; where that address gates access (loopback-only admin endpoints, IP allow-lists) the result is an access-control bypass. Anything beyond that, such as privilege escalation or wider compromise, depends on what the application builds on the spoofed value rather than on the library bug itself.
The bug is in how cpp-httplib's Server::process_request builds the Request object. It first calls read_headers() in httplib.h, which parses whatever header lines the client sent into a case-insensitive multimap that allows duplicate names. It then appends its own REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR and LOCAL_PORT entries, taken from the socket, under those same names without first removing any client-supplied entries. A lookup such as get_header_value("REMOTE_ADDR") returns the first entry stored under that name, and the client's entry was inserted first, so the attacker's value wins. For example, a request carrying the line REMOTE_ADDR: 127.0.0.1 makes a handler that trusts that header believe the client is local, and the same spoofed value lands in any access log that records it. The impact is greatest where the application uses these headers to make authorization decisions or to attribute actions in audit trails.
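As an added illustration, not code from cpp-httplib or from this advisory, the following model reproduces the collision with a case-insensitive multimap like the library's Headers type. The names read_headers, get_header_value and the two process_request variants only imitate the library's shape; the fix shown (erase the reserved names before inserting the socket values) is one way to close the hole and is modeled here, not quoted from 0.27.1. The probe request, the peer address 203.0.113.7 and the loopback-only admin check are constructed, and the same probe doubles as the post-upgrade check described in the mitigation section.

```cpp
// Added example, not cpp-httplib's own code: a self-contained model of the
// header collision. Headers, read_headers() and get_header_value() imitate
// the library's shapes; the two process_request variants show behaviour
// before and after a fix.
#include <algorithm>
#include <cctype>
#include <iostream>
#include <map>
#include <sstream>
#include <string>

// Case-insensitive ordering, as HTTP header names compare.
struct CaseInsensitiveLess {
  bool operator()(const std::string &a, const std::string &b) const {
    return std::lexicographical_compare(
        a.begin(), a.end(), b.begin(), b.end(),
        [](unsigned char x, unsigned char y) {
          return std::tolower(x) < std::tolower(y);
        });
  }
};
// A multimap keeps duplicate keys in insertion order, which is exactly what
// lets the client's entry win below.
using Headers = std::multimap<std::string, std::string, CaseInsensitiveLess>;

// Parse "Name: value" lines from a raw request until the blank line.
Headers read_headers(const std::string &raw) {
  Headers h;
  std::istringstream in(raw);
  std::string line;
  std::getline(in, line);  // request line, not needed here
  while (std::getline(in, line)) {
    if (!line.empty() && line.back() == '\r') line.pop_back();
    if (line.empty()) break;  // end of the header block
    auto colon = line.find(':');
    if (colon == std::string::npos) continue;  // malformed line, skipped
    std::string value = line.substr(colon + 1);
    value.erase(0, value.find_first_not_of(" \t"));
    h.emplace(line.substr(0, colon), value);
  }
  return h;
}

// First value stored under key: with duplicates, the earliest inserted one.
std::string get_header_value(const Headers &h, const std::string &key) {
  auto range = h.equal_range(key);
  return range.first == range.second ? std::string() : range.first->second;
}

// Affected behaviour: socket metadata is appended under the reserved names
// without removing any client-supplied entries.
Headers process_request_vulnerable(const std::string &raw,
                                   const std::string &peer_ip, int peer_port) {
  Headers h = read_headers(raw);
  h.emplace("REMOTE_ADDR", peer_ip);
  h.emplace("REMOTE_PORT", std::to_string(peer_port));
  return h;
}

// One way to fix it (modeled here, not quoted from the library): discard
// client-supplied copies of the reserved names before adding the real values.
Headers process_request_fixed(const std::string &raw,
                              const std::string &peer_ip, int peer_port) {
  Headers h = read_headers(raw);
  for (const char *name : {"REMOTE_ADDR", "REMOTE_PORT", "LOCAL_ADDR", "LOCAL_PORT"})
    h.erase(name);
  h.emplace("REMOTE_ADDR", peer_ip);
  h.emplace("REMOTE_PORT", std::to_string(peer_port));
  return h;
}

// Constructed probe: the peer is really 203.0.113.7 but claims to be loopback.
const std::string kSpoofedRequest =
    "GET /admin HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "REMOTE_ADDR: 127.0.0.1\r\n"
    "REMOTE_PORT: 1\r\n"
    "\r\n";
const std::string kPeerIp = "203.0.113.7";
const int kPeerPort = 51234;

// What a handler that trusts the header sees as the client address.
std::string remote_addr_seen(bool fixed) {
  Headers h = fixed ? process_request_fixed(kSpoofedRequest, kPeerIp, kPeerPort)
                    : process_request_vulnerable(kSpoofedRequest, kPeerIp, kPeerPort);
  return get_header_value(h, "REMOTE_ADDR");
}

// A loopback-only admin check built on that header; true means access granted.
bool admin_allowed(bool fixed) { return remote_addr_seen(fixed) == "127.0.0.1"; }

int main() {
  std::cout << "vulnerable: REMOTE_ADDR=" << remote_addr_seen(false)
            << " admin_allowed=" << admin_allowed(false) << '\n';
  std::cout << "fixed:      REMOTE_ADDR=" << remote_addr_seen(true)
            << " admin_allowed=" << admin_allowed(true) << '\n';
  return 0;
}
```

The vulnerable variant leaves two REMOTE_ADDR entries in the map and returns the client's, so the admin check passes for a remote attacker; the fixed variant leaves only the socket-derived entry. Note that the lookup is case-insensitive, so sending remote_addr in any letter case works just as well against affected versions.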
No CVSS vector is recorded on this entry, and its EPSS score is 0.04% (13th percentile), so the predicted probability of exploitation in the wild is low. The flaw is nonetheless trivial to trigger: it needs one extra request header, no authentication and no special tooling, so any exposed endpoint whose access control or audit logging keys on these headers is an easy target. The issue was publicly disclosed on 2025-12-05, and no public exploitation had been reported at the time of writing. Monitor security advisories and threat intelligence feeds, and treat any inbound request that carries one of the four reserved header names as hostile, since no legitimate client needs to send them.
Any application that embeds cpp-httplib 0.27.0 or earlier as its HTTP server and reads REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR or LOCAL_PORT from the request headers is affected. Exposure is highest where the peer address is used for authorization, for example admin endpoints restricted to loopback or to an IP allow-list, and in multi-tenant deployments where one tenant's spoofed identity ends up in shared logs or audit trails.
• cpp-httplib / server:
# Find the embedded library version; anything up to 0.27.0 is affected
grep -m1 'define CPPHTTPLIB_VERSION' httplib.h
• cpp-httplib / server:
# If the application logs raw request headers, look for client-supplied copies of the reserved names
grep -Ei 'REMOTE_(ADDR|PORT)|LOCAL_(ADDR|PORT)' /var/log/<application>/requests.log
• cpp-httplib / server:
# Find application code that trusts these headers instead of the Request's own remote_addr/remote_port fields
grep -rEn 'get_header_value\("(REMOTE|LOCAL)_(ADDR|PORT)"' src/
Exploit status
EPSS: 0.04% (13th percentile)
The fix is to upgrade cpp-httplib to 0.27.1 or later and rebuild: the library is header-only, so the patched httplib.h has to be compiled into every binary that embeds it; there is no shared library to swap out. Until you can rebuild, two stopgaps help. A reverse proxy or WAF in front of the server can drop inbound REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR and LOCAL_PORT request headers, which no legitimate client needs to send. Application code can also stop reading those headers and use the Request object's own remote_addr and remote_port fields, which are filled from the socket and cannot be set by the client. After upgrading, verify the fix by sending a request from a non-local host that carries, for example, REMOTE_ADDR: 127.0.0.1, and confirm that the handler still sees the real peer address and that the spoofed value no longer appears in logs or affects access decisions.
Update the cpp-httplib library to version 0.27.1 or later. This resolves the untrusted HTTP header manipulation and prevents an attacker from controlling the connection metadata that the server, its logging and its authorization decisions rely on.
CVE-2025-66570 is a header manipulation vulnerability in cpp-httplib versions up to 0.27.0 (fixed in 0.27.1) that lets a client supply its own REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR and LOCAL_PORT headers, which then override the server-derived values seen by application code, logging and authorization checks.
You are affected if your application embeds cpp-httplib 0.27.0 or earlier. Check the CPPHTTPLIB_VERSION macro in the httplib.h you compile against.
Upgrade cpp-httplib to 0.27.1 or later and rebuild the affected binaries. As temporary measures, strip the four reserved headers at a proxy or WAF and read the peer address from the Request's remote_addr field instead of the header.
No widespread exploitation has been confirmed and the EPSS score is low (0.04%), but the flaw needs only one extra request header to trigger, so servers that use these headers for access control should be patched first. Monitor security advisories and threat intelligence feeds.
The reference listed on this entry is the nginx security advisories page at [https://nginx.org/en/security/](https://nginx.org/en/security/); the fix itself shipped in cpp-httplib 0.27.1, so consult that project's release notes for the patched version.