Host Header Injection Vulnerability in Parallels Remote Application Server
CVE-2022-40870
8.1HIGH
What is CVE-2022-40870?
The Web Client of Parallels Remote Application Server v18.0 is susceptible to Host Header Injection attacks. Exploiting this vulnerability allows an attacker to inject malicious payloads into the Host header, potentially enabling the execution of arbitrary commands on the server. This poses a significant security risk, leading to unauthorized actions or access to sensitive data.