exploitDog

GHSA-4fpf-24x8-fq8p

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Ссылки

EPSS

Процентиль: 55%

0.00328

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-0670

nvd

почти 13 лет назад

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

EPSS

Процентиль: 55%

0.00328

Низкий

CVE ID

Дефекты

CWE-20