CRLF Injection Vulnerability in Akamai Download Manager ActiveX Control
CVE-2008-1770

Currently unrated

Key Information:

Vendor

Akamai

Status
Download Manager
Vendor
CVE Published:
4 June 2008

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 13%

What is CVE-2008-1770?

A vulnerability exists in the Akamai Download Manager ActiveX control that allows remote attackers to craft a URL containing an encoded line feed (LF). If successfully exploited, this can lead to the download and execution of arbitrary files, posing significant security risks for users. Versions prior to 2.2.3.6 are particularly vulnerable, emphasizing the need for timely updates and security practices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-1770 - Proof of Concept

References

https://www.exploit-db.com/exploits/5741
exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id?1020194
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/archive/1/493077/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.