154 matches found
SSLVPN error "Websocket connection failed: Connection closed before receiving a handshake responser"
After VPN tunnel established to NetScaler gateway, user encounter access issue s to backend server with error message: "Websocket connection to 'ws:///ws/notification/site-msg/' failed: Connection closed before receiving a handshake responser"...
TCP option lost when traffic go through TCP type Load Balance(LB) Vserver
TCP option lost when traffic go through TCP type Load BalanceLB Vserver: 1. Clients send TCP syn to NetScaler with TCP option segment: 2. Backend Servers do not receive TCP handshake with TCP option segment from NetScaler:...
Unable to ping backend server from NetScaler with SNIP as source IP address
SNIP, NSIP and backend server are in the same subnet. Unable to ping backend from NetScaler with SNIP as source IP address, can ping backend with NSIP as source IP address...
CVE-2023-41265
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...
Cross site request forgery (csrf)
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...
CVE-2023-41265
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...
Enabling NetScaler to forward original client source IP to backend server
This guide outlines the various methods available to ensure that the backend server is equipped to collect the original client IP through the NetScaler. The focus of this article lies in configuring the NetScaler to effectively forward the original client source IP to the backend server...
How to configure URL Transformation to transform part of URL Path
When accessinghttp://example.com/url1/xxxx, Netscalercan transform /url1/ to /url2/ and preserve other parts, then forward to backend server...
Cross-site Scripting (XSS)
contao/core-bundle is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of a validation in the input unit widget, which allows an attacker to inject and execute malicious Javascript into the browser and backend server...
Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection Vulnerability
Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Exploit Author: Ansh Jain @sudoark Author Contact : email protected Vendor Homepage: https://www.wifi-soft.com/ Software Link:...
Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection
Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...
CVE-2023-31689
In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute script...
CVE-2023-31689
In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute script...
K70312000: BIG-IP ASM JSON websocket security exposure
Security Advisory Description The BIG-IP ASM system may fail to block bad JSON websocket requests. This issue occurs when all of the following conditions are met: In the JSON profile of the affected security policy, the Parse Parameters setting is enabled. Note: This setting is enabled by default...
K88230177: BIG-IP ASM WebSocket vulnerability CVE-2021-22976
Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2021-22976 Impact When this vulnerability is exploited, the BIG-IP ASM system may take...
K70134152: BIG-IP ASM, F5 Advanced WAF, and NGINX App Protect encoded directory traversal security exposure
Security Advisory Description The BIG-IP ASM, F5 Advanced Web Application Firewall Advanced WAF, and NGINX App Protect systems may fail to detect encoded directory traversal in the URL. This issue occurs when the following condition is met: The affected security policy is enabled with an evasion...
JSA10396 - Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) - OpenSSL - Incorrect checks for malformed signatures on DSA and ECDSA keys used with SSL/TLS on backend servers. CVE-2008-5077.
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Several functions inside OpenSSL incorrectly checked the result after calling the EVPVerifyFinal function, allowing a malformed signature to be treated as a good signature rather than ...
NetScaler HTTP-ECV monitor probe fails and returns "404 Not Found" response code
The HTTP-ECV monitor fails and returns the 404 Not Found response code. For example, a monitor of the HTTP-ECV type was configured to monitor the status of a backend server using the following as the expected response string: "Response is Successful." The status of the related service was marked ...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...