CVE-2021-27404
MEDIUMAskey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 - Open Redirect via Host Header Injection
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-27404. PoCs published by bokanrb.
AI-analyzed exploit summary This repository documents an authenticated Host Header Injection vulnerability in Askey RTF8115VW modems. The PoC demonstrates how an attacker can manipulate the Host header to redirect users to a malicious site, potentially leading to credential theft or cookie extraction.
Description
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.
Exploits (1)
This repository documents an authenticated Host Header Injection vulnerability in Askey RTF8115VW modems. The PoC demonstrates how an attacker can manipulate the Host header to redirect users to a malicious site, potentially leading to credential theft or cookie extraction.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N