CVE-2021-31988

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions.

Description: The issue is related to a user-controlled parameter in the SMTP test functionality that is not correctly validated. This allows an attacker to add Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-1286

Related Identifiers

CVE-2021-31988

Affected Products

Axis Os

Axis Os 2016

Axis Os 2018

Axis Os 2020

CVE-2021-31988

Weakness Enumeration

Related Identifiers

Affected Products

References · 6