CVE advisoryCRITICAL
CVE-2021-27132
SerComm AG Combo VD625 CRLF Injection Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
CRLF injection in SerComm AG Combo VD625 devices' download function could allow an unauthenticated attacker to inject HTTP headers, potentially affecting device behavior and exposing data. This is relevant because such devices are often at the network edge.