Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

CrushFTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-14037)

Description

CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.

Remediation

References

Related Vulnerabilities

WordPress Plugin Animate It! Cross-Site Scripting (2.3.3)

PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)

Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-41317)

WordPress Plugin Salon Booking System Arbitrary File Upload (10.2)

PHP Numeric Errors Vulnerability (CVE-2014-3587)

Severity

Medium

Classification

CVE-2017-14037 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities