CVE-2025-66200

CWE-288 CWE-30510 documents9 sources

Severity

5.4MEDIUM

EPSS

0.1%

top 78.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Http Server Apache Software Foundation Apache Http Server

Timeline

PublishedDec 5

Latest updateJan 19

Description

mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages4 packages

▶NVDapache/http_server2.4.7 — 2.4.66

▶CVEListV5apache_software_foundation/apache_http_server2.4.7 — 2.4.65

▶Alpineapache2< 2.4.66-r0+3

▶Debianapache2< 2.4.66-1~deb11u1+3

🔴Vulnerability Details

GHSA

GHSA-3j3g-3pw9-9vcc: mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server↗2025-12-05

▶

CVEList

Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo↗2025-12-05

▶

OSV

CVE-2025-66200: mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server↗2025-12-05

▶

OSV

CVE-2025-66200: mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server↗2025-12-05

▶

📋Vendor Advisories

Ubuntu

Apache HTTP Server vulnerabilities↗2026-01-19

▶

Microsoft

Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo↗2025-12-09

▶

Red Hat

httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo↗2025-12-05

▶

Debian

CVE-2025-66200: apache2 - mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTT...↗2025

▶

Apache

Apache httpd: CVE-2025-66200↗

▶