CVE-2017-5615

CVE-2017-5615

EPSS 1.1%

cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://news.cpanel.com/tsr-2017-0001-full-disclosure/http://www.openwall.com/lists/oss-security/2017/01/28/8 http://www.securityfocus.com/bid/95870