CVEs-PoC/2020/CVE-2020-5420.md

### [CVE-2020-5420](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5420)
![](https://img.shields.io/static/v1?label=Product&message=CF%20Deployment&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Routing&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=All%3C%200.206.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=All%3C%2013.15.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-754%3A%20Improper%20Check%20for%20Unusual%20or%20Exceptional%20Conditions&color=brighgreen)

### Description

Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/404notf0und/CVE-Flow