CVE-2016-6839

CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct…

mitre·CWE-113·Published 2016-09-07

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

196 chars

CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

NVDen

196 chars

CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

NVDes

250 chars

Vulnerabilidad de inyección CRLF en Huawei FusionAccess en versiones anteriores a V100R006C00 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de división de respuesta HTTP a través de vectores no especificados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	6.1	2.8	2.7	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N