CVE-2014-1406

Publication date

2014-01-10 16:00:00

Family

mitre

State

PUBLISHED

Description

CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action.