漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Multiple vulnerabilities in Rejetto's Http File Server
Vulnerability Description
The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the response and craft attacks such as cross-site scripting and cache poisoning attacks.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对CRLF序列的转义处理不恰当(CRLF注入)
Vulnerability Title
Rejetto Http File Server 注入漏洞
Vulnerability Description
HTTP File Server是一个简单的工具,它允许您从台式机、平板电脑或其他设备访问手机的文件,而无需任何特殊软件 - 只需一个网络浏览器。 Rejetto Http File Server 2.2a 版本存在注入漏洞,该漏洞源于在某些情况下,软件不会中和某些特殊字符。
CVSS Information
N/A
Vulnerability Type
N/A