Exploiting Microweber CRLF Injection (CVE-2022-0666)

OS

2024.1.*
2020.3.*
2019.4.*

Apps

Microweber
0.823.*
0.9.346.*
0.934.*
0.931.*
*.*
0.750.*
0.830.*
0.951.*
1.2.21.*
1.2.18.*

Summary

In this post, we will understand and exploit Microweber targets vulnerable to CRLF injection via CVE-2022-0666. We will send payloads to vulnerable targets to redirect them to an attacker-controlled website, which could then be used to conduct phishing and steal credentials from victims.

general

Description

@secatgourity
