4 matches found
CVE-2024-1064 Improper Neutralization of HTTP Headers for Scripting Syntax in Crafty Controller 4
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service DoS condition via a modified host header...
CVE-2024-1064 Improper Neutralization of HTTP Headers for Scripting Syntax in Crafty Controller 4
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service DoS condition via a modified host header...
CVE-2024-1064 Improper Neutralization of HTTP Headers for Scripting Syntax in Crafty Controller 4
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service DoS condition via a modified host header...
CVE-2024-1064
Summary of CVE-2024-1064 (Crafty Controller) : The issue is a host header injection in the HTTP handler of Crafty Controller, enabling a remote, unauthenticated attacker to trigger a Denial of Service via a modified Host header. Reported CVSSv3.1 base score is 7.5 (HIGH) with NETWORK attack vecto...