It is possible to execute an arbitrary command with root privileges on phion netfence 4.0.x, phion netfence versions prior to 4.2.15 and NG Firewall versions prior to 5.0.2 boxes with activated external authentication scheme (i.e. Active Directory). An attacker with the knowledge of an admin's username is able to perform arbitrary shell commands during the ssh login procedure on the box. The knowledge of the admin's password is not required.
fee59e2c3c8776e6ab9ed6abb4364a9562154ddc30dfed06de24b65179dd71f4The radware AppWall Web Application Firewall suffers from a source code disclosure vulnerability on the management interface. Gateway version 4.6.0.2 and AppWall version 1.0.2.6 are affected.
ebbeea0950171e622c7bc542b1f4ad855b5faa91b899e0552ab2e02824b79374The phion airlock Web Application Firewall version 4.1-10.41 suffers denial of service and arbitrary command execution vulnerabilities.
9c254d04a6934a033c0c2d9e8afcf865cf7055ec4333f2cd6d9a21ef128d42c5The Artofdefence Hyperguard Web Application Firewall versions 3.1.1-11637 and below, 3.0.3-11636 and below, and 2.5.5-11635 and below suffer from a remote denial of service vulnerability.
077fa1d7da95167820fcb7c5c476adaf80128eb524005dba79c0191d3114b29b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed