Serilog (before v2.1.0) contains a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses in log files by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.
It is not possible to configure Serilog.Enrichers.ClientInfo to not trust the X-Forwarded-For header.