← back
CVE-2017-14523

CVE-2017-14523

EPSS 8.2%
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrator as a self attack
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/43964/unverifiedexploitdbwww.exploit-db.com/exploits/43964unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://securitywarrior9.blogspot.in/2018/01/host-header-injection-in-wonder-cms.htmlhttps://www.exploit-db.com/exploits/43964/