ModSecurity Security Flaws Enable WAF Rule Evasion With Crafted HTTP Requests

ModSecurity, a widely used open-source web application firewall (WAF), has multiple security vulnerabilities that allow attackers to bypass detection with specially crafted HTTP requests. These vulnerabilities, identified as CVE-2026-52761 and CVE-2026-52747, affect ModSecurity versions up to 3.0.15. They have been addressed in version 3.0.16. These issues reveal significant inconsistencies in input transformation and request parsing, […]

The post ModSecurity Security Flaws Enable WAF Rule Evasion With Crafted HTTP Requests appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Read the original article: