huntr | Rep00c | D617CED7-BE06-4E34-9DB0-63D45C003A43
Nov 19, 2021 - 3:45 a.m.

CRLF Injection in phpservermon/phpservermon

2021-11-19 03:45:59
rep00c
www.huntr.dev
6

EPSS: 0.001 (Low), percentile 30.0%

Description

An nginx misconfiguration leads to CRLF injection.

In nginx, $uri is URL-decoded, so %0d%0a in the request path is decoded to CRLF before the value is used.

Code:

return 301 http://<%= @server_name[0].gsub(/^www\./, '') %>$uri;

Proof of Concept

A request to:

http://www.test.com/%0d%0afake_header:123%0d%0a%0d%0afake_content

Impact

CRLF injection allows an attacker to inject malicious client-side scripts (e.g. cross-site scripting) to disclose information. An attacker can obtain sensitive information such as a CSRF token and can set fake cookies.
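A configuration check for this pattern, as an added example (not code from the report or from phpservermon): it flags nginx directives that place the decoded `$uri` or `$document_uri` in a response header, and models why `$request_uri`, which nginx leaves percent-encoded, is the usual replacement in such redirects. The sample config, the function names and the simplified variable expansion are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# nginx variables holding the normalized, percent-decoded request path.
DECODED_VAR = re.compile(r"\$\{?(?:document_)?uri\b")
# Directives whose argument is written into a response header.
HEADER_DIRECTIVE = re.compile(r"^\s*(return|rewrite|add_header)\b")

def find_risky_directives(config_text):
    """Return (line_number, directive) pairs that put $uri in a header."""
    hits = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        code = line.split("#", 1)[0]  # ignore nginx comments
        if HEADER_DIRECTIVE.search(code) and DECODED_VAR.search(code):
            hits.append((number, code.strip()))
    return hits

def render_location(target, raw_path):
    """Simplified model of variable expansion in a `return 301` target."""
    value = target.replace("$request_uri", raw_path)  # raw, as the client sent it
    return value.replace("$uri", unquote(raw_path))   # decoded by nginx

def has_header_break(value):
    """True if the header value would contain a CR or LF."""
    return "\r" in value or "\n" in value

# Constructed sample: the page's redirect after template rendering, followed
# by the same redirect written with $request_uri.
SAMPLE_CONFIG = """\
server {
    server_name www.test.com;
    return 301 http://test.com$uri;          # decoded path reaches Location
}
server {
    server_name www.test.com;
    return 301 http://test.com$request_uri;  # path stays percent-encoded
}
"""

POC_PATH = "/%0d%0afake_header:123%0d%0a%0d%0afake_content"  # path from the page

if __name__ == "__main__":
    for number, directive in find_risky_directives(SAMPLE_CONFIG):
        print(f"line {number}: {directive}")
    for target in ("http://test.com$uri", "http://test.com$request_uri"):
        value = render_location(target, POC_PATH)
        print(f"{target} -> CR/LF in Location: {has_header_break(value)}")
```

The check is line-based, so it also works on unrendered templates such as the ERB line in the report; it does not follow `include` files or variables set elsewhere with `set`.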
