
CRLF Injection

Description

CRLF injection occurs when an attacker can place a carriage return character (\r) and a newline character (\n) into an HTTP message, typically through an unsanitized input that is echoed into a header, in order to terminate the current header line and inject new headers or a new body. This is a very dangerous attack because it gives the attacker the ability to craft whatever request or response they want.

Remediation

The only way to prevent CRLF attacks is to carefully sanitize every client-supplied value before it is written into an HTTP message, so that raw \r and \n characters can never reach a header line.
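To make the description and the remediation concrete, here is an added example (not Escape's code) that builds an HTTP header block in its vulnerable form beside a hardened form and parses the result the way a lenient client would. The function names, the constructed sample value and the `X-Injected` header are assumptions made for this illustration.

```python
# Added example: vulnerable header builder beside its hardened form.
# Names (build_headers_unsafe, build_headers_safe, parse_headers, demo) are
# assumptions for this illustration, not part of any real library.

CRLF = "\r\n"


def build_headers_unsafe(name: str, value: str) -> str:
    """Vulnerable: concatenates a client-supplied value straight into the header block."""
    return f"HTTP/1.1 200 OK{CRLF}{name}: {value}{CRLF}{CRLF}"


def contains_crlf(value: str) -> bool:
    """True if the value carries a raw CR or LF that would end the current header line."""
    return "\r" in value or "\n" in value


def build_headers_safe(name: str, value: str) -> str:
    """Hardened: refuses any name or value that could start a new header line."""
    if contains_crlf(name) or contains_crlf(value):
        raise ValueError("CR/LF not allowed in header name or value")
    return f"HTTP/1.1 200 OK{CRLF}{name}: {value}{CRLF}{CRLF}"


def parse_headers(raw: str) -> dict:
    """Parse a header block leniently: one 'Name: value' per CRLF-terminated line."""
    _status, _, rest = raw.partition(CRLF)
    headers = {}
    for line in rest.split(CRLF):
        if not line:  # empty line marks the end of the headers
            break
        key, _, val = line.partition(":")
        headers[key.strip()] = val.strip()
    return headers


# Constructed sample: a redirect target that smuggles a second header line.
INJECTED_VALUE = "/home" + CRLF + "X-Injected: 1"


def demo():
    """Return (headers seen by a client of the unsafe builder, whether the safe builder rejected)."""
    unsafe_headers = parse_headers(build_headers_unsafe("Location", INJECTED_VALUE))
    try:
        build_headers_safe("Location", INJECTED_VALUE)
        safe_rejected = False
    except ValueError:
        safe_rejected = True
    return unsafe_headers, safe_rejected
```

Running `demo()` shows the unsafe builder emitting an extra `X-Injected` header from a single input value, while the safe builder rejects the same value before it reaches the wire.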

Configuration

Identifier: injection/crlf

Examples

Ignore this check

{
  "checks": {
    "injection/crlf": {
      "skip": true
    }
  }
}

Score

  • Escape Severity: MEDIUM

CVSS

  • CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
  • CVSS_SCORE: 5.1

References