mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
955 B
955 B
CVE-2020-15690
Description
In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character.
POC
Reference
- http://www.openwall.com/lists/oss-security/2021/02/04/3
- http://www.openwall.com/lists/oss-security/2021/02/04/3
- https://consensys.net/diligence/vulnerabilities/nim-asyncftpd-crlf-injection/
- https://consensys.net/diligence/vulnerabilities/nim-asyncftpd-crlf-injection/
- https://github.com/tintinweb/pub/tree/master/pocs/cve-2020-15690
- https://github.com/tintinweb/pub/tree/master/pocs/cve-2020-15690
Github
No PoCs found on GitHub currently.