7 High
AI Score
Confidence
Low
0.031 Low
EPSS
Percentile
91.1%
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.
secunia.com/advisories/14861
securitytracker.com/id?1013666
www.osvdb.org/15362
www.security.org.sg/vuln/anhttpd142n.html
exchange.xforce.ibmcloud.com/vulnerabilities/20031