CVE-2024-1064 Information

Description

A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header

Reference

https://gitlab.com/crafty-controller/crafty-4/-/issues/327