CVE-2017-6508 in wgetinfo

Summary

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

03/07/2017

Disclosure

03/07/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-93

CVSS

6.7

EPSS

0.00186

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-6508
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-6508
CVE Details	https://www.cvedetails.com/cve/CVE-2017-6508/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!