Vulnerabilities

CVE-2024-1064

by Fred · 03/02/2024

A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header

More information : https://gitlab.com/crafty-controller/crafty-4/-/issues/327

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : NONE
Integrity impact : NONE
Base score : 7.5
Base severity : HIGH
Exploitability score : 3.9
Impact score : 3.6

Similar

Tags: Cybersecurity Alert