{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "2.4.66", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Anthony Parfenov (United Rentals, Inc.)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "

Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd=\"...\" directives.

This issue affects Apache HTTP Server before 2.4.66.

Users are recommended to upgrade to version 2.4.66, which fixes the issue.

" } ], "value": "Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd=\"...\" directives.\n\nThis issue affects Apache HTTP Server before 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-201", "description": "CWE-201 Insertion of Sensitive Information Into Sent Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09" }, "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2025-08-21T00:00:00.000Z", "value": "Reported to security team" }, { "lang": "eng", "time": "2025-12-04", "value": "2.4.66 released" } ], "title": "Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "cveId": "CVE-2025-58098", "serial": 1, "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }