5 matches found
CVE-2023-26213
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/updatecertificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain...
Command injection
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/updatecertificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain...
Barracuda CloudGen WAN 操作系统命令注入漏洞
Barracuda Networks Barracuda CloudGen WAN is Barracuda Networks' tool for easily connecting all your locations to the Microsoft Global Network via Azure Virtual WAN. A security vulnerability exists in versions prior to Barracuda CloudGen WAN Private Edge Gateway devices 8...
CVE-2023-26213
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/updatecertificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain...
CVE-2023-26213
Barracuda CloudGen WAN Private Edge Gateway devices prior to version 8 (specifically before 8 webui-sdwan-1089-8.3.1-174141891) are affected by an OS command injection in /ajax/update_certificate. An authenticated attacker can craft a request (e.g., using shell metacharacters in name/password fie...