Medium severity6.1NVD Advisory· Published Nov 3, 2023· Updated Jun 17, 2026
CVE-2023-4768
CVE-2023-4768
Description
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.pdf.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29.1.0+ 1 more
- (no CPE)range: 9.1.0
- (no CPE)range: 9.1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.