NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /admin/editvirtualsiteinfo.php file...

NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /admin/edituserlogin.php file...

NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /admin/addressinterpret.php file...

NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /WebPages/applyhardware.php file...

NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /include/authrp.php file...

CVE-2024-30866

Netentsec NS-ASG 6.3 is reported vulnerable to SQL Injection via the /3g/menu.php endpoint. The CVE description and connected records indicate the flaw originates from unsafe SQL handling in that API path, leading to potential exposure or alteration of data with low to moderate impact (CVSS v3.1:...

CVE-2024-30868

CVE-2024-30868 affects netentsec NS‑ASG 6.3, with a SQL Injection vulnerability in /admin/add_getlogin.php. The issue is triggered via user-controlled input and is rated Critical (CVSS 3.1: 9.8, Network access, no user interaction, high confidentiality/ integrity/ availability impact). Public ref...

CVE-2024-30863

CVE-2024-30863 affects netentsec NS-ASG 6.3. The vulnerability is an SQL injection in the /WebPages/history.php endpoint. CVSS 3.1 base score 6.3 (Network, High attack complexity, Low privileges, No user interaction). Impact is integrity loss, with confidentiality/availability not affected per th...

CVE-2024-30861

NetentSec NS-ASG 6.3 is affected by CVE-2024-30861: an SQL Injection flaw in the endpoint /admin/configguide/ipsec_guide_1.php. The CVE record indicates a network-exposed vulnerability with CVSS v3.1: base score 5.3 (Medium), low confidentiality impact, no impact on integrity/availability, no use...

CVE-2024-30860

CVE-2024-30860 affects netentsec NS-ASG version 6.3. The connected documents specify a SQL Injection in the endpoint /admin/export_excel_user.php, indicating an input handling/root-cause issue that allows arbitrary SQL execution. The impact is described as high (confidentiality, integrity, availa...

CVE-2024-30864

CVE-2024-30864 affects netentsec NS-ASG 6.3 with an SQL Injection vulnerability in the /admin/config_ISCGroupTimePolicy.php endpoint. The CVSSv3.1 vector is AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L (base score 6.3, MEDIUM). Attack requires adjacent access, no privileges, and no user interaction; impac...

CVE-2024-30871

CVE-2024-30871 affects netentsec NS-ASG 6.3 and is a SQL Injection vulnerability in the /WebPages/applyhardware.php endpoint. Reported across multiple sources (NVD/Red Hat/CNNVD, CVE list) with CVSS 3.1 base score 8.8 (Network attack vector, high impact on confidentiality, integrity, availability...

CVE-2024-30862

NetentSec NS-ASG 6.3 is vulnerable to SQL Injection via the /3g/index.php endpoint. Affected component: NS-ASG 6.3. Reported impact includes high confidentiality, integrity, and availability according to CVSS metrics. The connected sources confirm the vulnerability detail; no patch/version remedi...

CVE-2024-30867

CVE-2024-30867 affects netentsec NS-ASG 6.3. The vulnerability is a SQL injection in the /admin/edit_virtual_site_info.php endpoint, with CVSS v3.1 base score 9.8 (CRITICAL). Exposed via NETWORK, no user interaction required, privileges none. Root cause: improper handling of database queries enab...

CVE-2024-30858

Netentsec NS-ASG 6.3 is affected by a SQL Injection in the /admin/edit_fire_wall.php endpoint. The CVE (CVE-2024-30858) is supported by Red Hat, NVD, CNNVD, CVE.org, and PT Security, indicating the vulnerable component and endpoint, with a CVSS v3.1 base score of 9.8 (CRITICAL) and network access...

CVE-2024-30865

CVE-2024-30865 concerns netentsec NS-ASG 6.3, where an SQL injection vulnerability exists in the web path /admin/edit_user_login.php . The vulnerability is documented across multiple sources (NVD, Red Hat, CNNVD, CVE listing) with a CVSS v3.1 base score of 9.8 (CRITICAL) , indicating high impact ...

CVE-2024-30872

CVE-2024-30872 affects NetentSec NS-ASG 6.3. The vulnerability is a SQL Injection in the /include/authrp.php endpoint. Documented impact per CVSS: confidentiality impact NONE, integrity impact LOW, availability impact LOW. Exploitation details or patch information are not provided in the connecte...

CVE-2024-30859

Affected product: netentsec NS-ASG 6.3. Vulnerability: SQL injection in /admin/config_ISCGroupSSLCert.php. The issue arises from improper handling of input, enabling an attacker to manipulate SQL queries. Impact: According to multiple sources, this can impact confidentiality, integrity, and avail...

CVE-2024-30870

Summary: CVE-2024-30870 affects netentsec NS-ASG 6.3, with a SQL Injection vulnerability in the /admin/address_interpret.php endpoint. The vulnerability is classified with CVSS 3.1 base score 8.8 (HIGH) and is network-exposed with low attack complexity, requiring low privileges and no user intera...

CVE-2024-30859

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configISCGroupSSLCert.php...