362 matches found
Netentsec NS-ASG Application Security Gateway SQL Injection Vulnerability
Netcon NS-ASG is an application security gateway from China Netcon Technology Netcon. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from an SQL injection vulnerability in the parameter GWLinkId in the file...
CVE-2023-5681
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2023-5681
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2023-5681 Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2023-5681
CVE-2023-5681 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability targets an unknown portion of /admin/list_addr_fwresource_ip.php and enables SQL injection. Exploitation can be performed remotely, and the vulnerability entry notes that the exploit has been disclosed publ...
CVE-2023-5681 Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
PT-2023-32257 · Netentsec · Netentsec Ns-Asg Application Security Gateway
Name of the Vulnerable Software and Affected Versions: Netentsec NS-ASG Application Security Gateway version 6.3 Description: A critical issue was found in the Netentsec NS-ASG Application Security Gateway, affecting an unknown part of the file /admin/list addr fwresource ip.php. This issue leads...
CVE-2023-40850
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...
CVE-2023-40850
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...
PT-2023-27675 · Netentsec · Netentsec Ns-Asg
Name of the Vulnerable Software and Affected Versions: netentsec NS-ASG version 6.3 Description: The issue is related to Incorrect Access Control, with a file leak found in the website source code of the application security gateway. Recommendations: For netentsec NS-ASG version 6.3, consider...
CVE-2023-40850
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...
CVE-2023-40850
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...
CVE-2023-40850
CVE-2023-40850 affects netentsec NS-ASG 6.3 (application security gateway). The issue is an Incorrect Access Control allowing leakage of the website source code files. Based on sources, this is described as a file disclosure risk within NS-ASG’s website source and is associated with version 6.3. ...
网康安全网关(Netentsec ASG) 6.3 /WebPages/login.php errstr参数XSS漏洞
No description provided by source...
网康安全网关(Netentsec ASG) 6.3 /3g/menu.php uid参数SQL注入漏洞
No description provided by source...
网康安全网关(Netentsec ASG) 6.3 /WebPages/history.php uid参数SQL注入漏洞
No description provided by source...
网康安全网关(Netentsec ASG) 6.3 /debug/rproxy_diag.php 任意文件下载漏洞
No description provided by source...
Netentsec ASG 网康应用安全网关 resetpwd.php SQL注入
No description provided by source...
Netentsec ASG网康应用安全网关在commonpluginDownload.php存在任意文件下载漏洞
0x01漏洞简介 Netentsec ASG网康应用安全网关在/commonplugin/Download.php存在任意文件下载漏洞。远程攻击者可以利用参数licensefile 或者 reqfile 结合..下载任意文件。如果下载文件是SvrLicense.license表示该漏洞已经修复,如果下载文件为自己包含的文件,说明该漏洞仍然存在。 0x02漏洞分析 查看问题代码如下: obstart""; header"Expires: Sat, 01 Jan 2000 00:00:00 GMT"; header"Last-Modified: ".gmdate"D, d M Y...
Netentsec ASG 网康应用安全网关在admin/config_ISCGroupTimePolicy.php等多处存在SQL注入漏洞
No description provided by source...