CVE-2024-2648

CVE-2024-2648 affects Netentsec NS-ASG Application Security Gateway 6.3, where an unknown function in /nac/naccheck.php accepts the username parameter and allows improper neutralization of data within XPath expressions (XPath injection). This enables remote abuse and exploitation once disclosed p...

CVE-2024-2648 Netentsec NS-ASG Application Security Gateway naccheck.php xpath injection

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is...

CVE-2024-2647

CVE-2024-2647 affects Netentsec NS-ASG Application Security Gateway (v6.3). The issue is a SQL injection in the /admin/singlelogin.php endpoint caused by improper handling of the loginId parameter. Attacks can be remote, and disclosures exist publicly. Multiple sources corroborate the vulnerabili...

CVE-2024-2647 Netentsec NS-ASG Application Security Gateway singlelogin.php sql injection

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to sql injection. The attack may be initiated...

CVE-2024-2647 Netentsec NS-ASG Application Security Gateway singlelogin.php sql injection

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to sql injection. The attack may be initiated...

CVE-2024-2646

CVE-2024-2646 affects Netentsec NS-ASG Application Security Gateway version 6.3. The vulnerability is a SQL injection in the endpoint /vpnweb/index.php?para=index triggered by manipulating the check_VirtualSiteId argument. It is exploitable remotely and has been disclosed publicly. Impacts includ...

CVE-2024-2646 Netentsec NS-ASG Application Security Gateway sql injection

A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulation of the argument checkVirtualSiteId leads to sql injection. The attack can be initiated remotely...

CVE-2024-2646 Netentsec NS-ASG Application Security Gateway sql injection

A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulation of the argument checkVirtualSiteId leads to sql injection. The attack can be initiated remotely...

CVE-2024-2645

CVE-2024-2645 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability is in the file "/vpnweb/resetpwd/resetpwd.php" where the UserId parameter can cause improper neutralization of data within XPath expressions, enabling a remote attack. Public exploitation has been disclosed...

CVE-2024-2645 Netentsec NS-ASG Application Security Gateway resetpwd.php xpath injection

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /vpnweb/resetpwd/resetpwd.php. The manipulation of the argument UserId leads to improper neutralization of data within xpath expressions. It is...

CVE-2024-2645 Netentsec NS-ASG Application Security Gateway resetpwd.php xpath injection

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /vpnweb/resetpwd/resetpwd.php. The manipulation of the argument UserId leads to improper neutralization of data within xpath expressions. It is...

CVE-2024-2644

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attac...

CVE-2024-2644

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attac...

CVE-2024-2644 Netentsec NS-ASG Application Security Gateway addfirewall.php sql injection

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attac...

CVE-2024-2644

CVE-2024-2644 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability resides in /protocol/firewall/addfirewall.php via the FireWallTableArray parameter, leading to SQL injection. It can be triggered remotely and public exploit information exists. The sources consistently des...

CVE-2024-2644 Netentsec NS-ASG Application Security Gateway addfirewall.php sql injection

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attac...

Netentsec NS-ASG Application Security Gateway Security Vulnerability

Netentsec NS-ASG Application Security Gateway is an application security gateway from China Netentsec. A security vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from the parameter UserId in the file /vpnweb/resetpwd/resetpwd.php, which can lead...

Netentsec NS-ASG Application Security Gateway SQL Injection Vulnerability

Netentsec NS-ASG Application Security Gateway is an application security gateway from China Netentsec. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from the parameter loginId in the file /admin/singlelogin.php that can lead to...

Netentsec NS-ASG Application Security Gateway Security Vulnerability

Netentsec NS-ASG Application Security Gateway is an application security gateway from China Netentsec. A security vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which stems from the parameter username in the file /nac/naccheck.php, which can lead to incorrect...

PT-2024-21403 · Netentsec · Netentsec Ns-Asg Application Security Gateway

Name of the Vulnerable Software and Affected Versions: Netentsec NS-ASG Application Security Gateway version 6.3 Description: A critical issue has been found in the Netentsec NS-ASG Application Security Gateway, where an unknown functionality of the file...