Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache HTTP Server Reachable Assertion Vulnerability - CVE-2025-49630 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Reachable Assertion Vulnerability - CVE-2025-49630

High
Reference: CVE-2025-49630
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-49630
Title: Apache HTTP Server Reachable Assertion Vulnerability
Overview:

In certain proxy configurations a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend with ProxyPreserveHost set to quotonquot.