WRITEUP #408

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/deletion Vulnerability

OtherCRLF injectionFTP

byJustin Hung

Program

Microsoft (.NET Framework, Visual Studio)

Published

Mar 6, 2024

Added to HackDex

Jul 1, 2024

Read Full Writeuphttps://www.zerodayinitiative.com/blog/2024/3/6/cve-2023-36049-microsoft-net-crlf-injection-arbitrary-file-writedeletion-vulnerability

▸ RELATED WRITEUPS

Another 1500$: CR/LF Injection

OtherCRLF injection

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

OtherSSTI

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat