EIP-2026-118728
PRE-CVELogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-118728. PoCs published by Inferno.
AI-analyzed exploit summary The exploit demonstrates an HTTP header injection vulnerability in LogMeIn 4.0.784, allowing arbitrary headers to be injected via crafted URIs. The provided example URI includes a malicious payload that attempts to read local files (e.g., win.ini) and execute JavaScript, showcasing the potential for cross-site scripting (XSS) and information leakage.
Description
LogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection
Exploits (1)
The exploit demonstrates an HTTP header injection vulnerability in LogMeIn 4.0.784, allowing arbitrary headers to be injected via crafted URIs. The provided example URI includes a malicious payload that attempts to read local files (e.g., win.ini) and execute JavaScript, showcasing the potential for cross-site scripting (XSS) and information leakage.