Security Advisory

CVE-2014-1406

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-01-10 16:00:00

Last updated 2024-08-06 09:42:35

Assigner mitre

State PUBLISHED

Description

CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action.

← Browse all CVEs View on cve.org ↗