CVE-2023-48256
MEDIUM WAF: High
CVSS 6.3
Published: 2024-01-10
CWE-113
The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request.
WAF Coverage Analysis
HTTP Response Splitting
High WAF Coverage
OWASP: A03:2021 Injection
921xxx - Protocol Attack
Affected Software
| Vendor | Product | Version |
|---|---|---|
| bosch | nexo-os | 1000 - 1500-sp2 |
References
- psirt.bosch.com (Vendor Advisory)