| Title | Ritlabs TinyWeb Server 1.94 CRLF Injection |
|---|
| Description | Application is vulnerable to HTTP requests containing CRLF pattern (%0A%0D). Reflecting output in HTTP response is possible.
The CRLF vulnerability also always application log tampering by inserting new illegitimate lines. |
|---|
| Source | ⚠️ https://github.com/DMCERTCE/CRLF_Tiny |
|---|
| User | Senatorhotchkiss (UID 68254) |
|---|
| Submission | 05/12/2024 09:57 AM (2 years ago) |
|---|
| Moderation | 05/22/2024 07:12 AM (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 265830 [Ritlabs TinyWeb Server 1.94 Request crlf injection] |
|---|
| Points | 16 |
|---|