
333 matches found

Cvelist
added 2020/10/12 10:40 a.m., 13 views

CVE-2020-5138

A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...

AI score: 7.5, EPSS: 0.00498
Exploits: 0, References: 1

CVE
added 2020/10/12 10:40 a.m., 44 views

CVE-2020-5137

SonicOS contains a buffer overflow allowing a remote unauthenticated attacker to cause DoS on the SSLVPN service and crash the firewall. Affected: SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, Gen 7 (7.0.0.0). Root cause: buffer overflow in SSLVPN handli...

CVSS: 7.5, AI score: 7.7, EPSS: 0.00498
Exploits: 0, References: 1, Affected Software: 2

SonicWall
added 2020/10/12 9:53 a.m., 13 views

SonicOS SSLVPN login page administrator username enumeration vulnerability

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, and SonicOSv 6.5.4.v...

CVSS: 5.3, AI score: 7, EPSS: 0.00501
Exploits: 0

SonicWall
added 2020/10/12 9:50 a.m., 8 views

SonicOS SSLVPN Stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen ...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00153
Exploits: 0

SonicWall
added 2020/10/12 9:48 a.m., 3 views

SonicOS SSLVPN allows unauthenticated attacker to brute force Virtual Assist ticket ID

A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3 and SonicOSv 6.5.4.v. CVE: CVE-2020-5141 Last...

CVSS: 6.5, AI score: 6.9, EPSS: 0.00459
Exploits: 0

SonicWall
added 2020/10/12 9:40 a.m., 5 views

SonicOS SSLVPN service unauthenticated release of Invalid pointer to cause Denial of Service (DoS) vulnerability and leads to firewall crash

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3 and...

CVSS: 7.5, AI score: 7, EPSS: 0.00505
Exploits: 0

Hacker One
added 2020/09/21 9:40 a.m., 276 views

U.S. Dept Of Defense: https://██████ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD

Hi team, while testing I found a host IP https://█████████ which belongs to DoD ██████████.mil running web services interface of Cisco ASA/FTD and it is vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD. An attacker could exploit this vulnerability by sending ...

CVSS: 7.5, AI score: 0.1, EPSS: 0.94299
Exploits: 4

Fortinet
added 2020/09/16 12:0 a.m., 17 views

XSS vulnerability in FortiOS SSLVPN Portal

...

AI score: 6.4, EPSS: 0.00098
Exploits: 0

OSV
added 2020/07/17 6:15 p.m., 0 views

CVE-2020-5130

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier...

CVSS: 5.3, AI score: 6.2
Exploits: 0, References: 1

NVD
added 2020/07/17 6:15 p.m., 8 views

CVE-2020-5130

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier...

CVSS: 5.3, EPSS: 0.00553
Exploits: 0, References: 1

Prion
added 2020/07/17 6:15 p.m., 9 views

Input validation

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier...

CVSS: 5, AI score: 5.5, EPSS: 0.00553
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2020/07/17 5:15 p.m., 10 views

CVE-2020-5130

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier...

AI score: 5.4, EPSS: 0.00553
Exploits: 0, References: 1

CVE
added 2020/07/17 5:15 p.m., 34 views

CVE-2020-5130

CVE-2020-5130 affects SonicOS SSLVPN where an LDAP login request is not properly validated, allowing remote attackers to trigger external service interaction (DNS). The issue impacts SonicOS versions 6.5.4.4-44n and earlier. The primary documented cause is improper validation of the request, with...

CVSS: 5.3, AI score: 5.4, EPSS: 0.00553
Exploits: 0, References: 1, Affected Software: 1

SonicWall
added 2020/07/16 9:26 a.m., 7 views

SonicOS SSLVPN External Service Interaction (DNS) Vulnerability

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier. CVE: CVE-2020-5130 Last updated: July 16, 2020, 9:26 a.m...

CVSS: 5.8, AI score: 7, EPSS: 0.00553
Exploits: 0

ThreatPost
added 2020/01/13 3:32 p.m., 520 views

Unpatched Citrix Flaw Now Has PoC Exploits

Proof-of-concept (PoC) exploit code has been released for an unpatched remote-code-execution vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability (CVE-2019-19781), which Threatpost reported on in December, already packs a double-punch in terms...

CVSS: 7.5, AI score: 10, EPSS: 0.94442
Exploits: 48, References: 17

Qualys Blog
added 2020/01/09 12:12 a.m., 4409 views

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Update January 17, 2020: A new detection in Qualys Web Application Scanning was added. See "Detecting with Qualys WAS" below. Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The...

CVSS: 7.5, AI score: 10, EPSS: 0.94442
Exploits: 48

NVD
added 2019/12/19 1:15 a.m., 11 views

CVE-2019-7487

When the SonicOS SSLVPN NACagent 3.5 is installed on the Windows operating system, the autorun value that is created does not put the path in quotes, so a malicious binary placed by an attacker within the parent path could allow code execution...

CVSS: 7.8, AI score: 7.8, EPSS: 0.00038
Exploits: 0, References: 1

Prion
added 2019/12/19 1:15 a.m., 11 views

Remote code execution

When the SonicOS SSLVPN NACagent 3.5 is installed on the Windows operating system, the autorun value that is created does not put the path in quotes, so a malicious binary placed by an attacker within the parent path could allow code execution...

CVSS: 4.6, AI score: 7.7, EPSS: 0.00038
Exploits: 0, References: 1, Affected Software: 2

Cvelist
added 2019/12/19 12:35 a.m., 18 views

CVE-2019-7487

When the SonicOS SSLVPN NACagent 3.5 is installed on the Windows operating system, the autorun value that is created does not put the path in quotes, so a malicious binary placed by an attacker within the parent path could allow code execution...

AI score: 7.8, EPSS: 0.00038
Exploits: 0, References: 1

CVE
added 2019/12/19 12:35 a.m., 91 views

CVE-2019-7487

CVE-2019-7487 affects SonicOS SSLVPN NACagent 3.5 for Windows. The issue stems from an unquoted autorun/service path, allowing a malicious binary within the parent directory to trigger code execution. Multiple sources reiterate that installation creates an unquoted path which can be exploited loc...

CVSS: 7.8, AI score: 7.7, EPSS: 0.00038
Exploits: 0, References: 1, Affected Software: 1