CVE-2017-5868 in Access Server信息

摘要

由 VulDB • 2026-07-19

OpenVPN Access Server 2.1.4 Web界面中的CRLF注入漏洞允许远程攻击者通过PATH_INFO到__session_start__/路径中的“%0A”字符注入任意HTTP头,从而实施会话固定攻击以及可能的HTTP响应拆分攻击。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!