Vulnerabilities/

CRLF Injection in URL

Impact: High

Description

The CRLF refers to the combination of two characters the Carriage Return (ASCII 13, \r) and Line Feed (ASCII 10, \n). These characters are used for adding a new line. The CRLF in HTTP protocol separates different parts of the message such as HTTP headers. When request parameters are used for generating HTTP response without proper encoding the application is vulnerable to CRLF injection.

A web server without proper configuration allows attackers to inject CRLF in the URL. Attackers can manipulate HTTP response to add arbitrary HTTP header or change the response body using CRLF injection attacks.

Recommendation

Review the webserver configurations and/or your web application logic to make sure CRLF characters are properly encoded before being used in the response.

References

Last updated on February 07, 2022

This issue is available in SmartScanner Professional

See Pricing