CVE-2017-5615

CVE-2017-5615

EPSS 1.1%

cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://news.cpanel.com/tsr-2017-0001-full-disclosure/http://www.openwall.com/lists/oss-security/2017/01/28/8 http://www.securityfocus.com/bid/95870