CVE-2021-4097

EUVD-2021-2485
phpservermon is vulnerable to Improper Neutralization of CRLF Sequences
CRLF Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
@huntrdevCNA
6.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
phpservermonitorphp_server_monitor
𝑥
< 3.6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/phpservermon/phpservermon/commit/162bba0046fcda1580f4fbc7b9ababe3c7c13ce4
https://huntr.dev/bounties/d617ced7-be06-4e34-9db0-63d45c003a43
https://github.com/phpservermon/phpservermon/commit/162bba0046fcda1580f4fbc7b9ababe3c7c13ce4
https://huntr.dev/bounties/d617ced7-be06-4e34-9db0-63d45c003a43