Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

viewLinc - Carriage Return Line Feed Attack

By kannthu

Vidoc logoVidoc Module

viewLinc - Carriage Return Line Feed Attack

What is the "viewLinc - Carriage Return Line Feed Attack?"

The "viewLinc - Carriage Return Line Feed Attack" module is designed to detect a vulnerability in the viewLinc software version (and sometimes This vulnerability allows remote attackers to inject a carriage return line feed (CRLF) character into the responses returned by the product, enabling them to inject arbitrary HTTP headers into the response.

This module has a low severity level and was authored by geeknik.


If successfully exploited, this vulnerability can allow attackers to manipulate the HTTP response headers, potentially leading to various security issues such as session hijacking, cross-site scripting (XSS), or other forms of injection attacks.

How does the module work?

The module sends an HTTP GET request with a specific payload to the target server. The payload includes the following header injection attempt:


The module then checks the response headers for specific conditions to determine if the injection was successful. The matching conditions include:

- The presence of the header "Server: viewLinc/" and "Set-Cookie: crlfinjection=crlfinjection" - Alternatively, the presence of the header "Server: viewLinc/" and "Set-Cookie: crlfinjection=crlfinjection"

If any of these conditions are met, the module reports a vulnerability.

Reference: https://www

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: Server: viewLinc/, Set-Cookie: ...or
word: Server: viewLinc/, Set-Cookie: c...
Passive global matcher
No matching conditions.
On match action
Report vulnerability