13 matches found
Authentication flaw
Barracuda Web Application Firewall WAF 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string...
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack
KL-001-2017-014 : Barracuda WAF Support Tunnel Hijack Title: Barracuda WAF Support Tunnel Hijack Advisory ID: KL-001-2017-014 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-014.txt 1. Vulnerability Details Affected Vendor: Barracuda Affect...
Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity Vulnerability
The grub password for all Barracuda WAF V360 virtual appliances is four characters in length and, as a result, may be trivially easy to crack. Firmware version 8.0.1.014 is affected. Title: Barracuda WAF Grub Password Complexity 1. Vulnerability Details Affected Vendor: Barracuda Affected Product...
Barracuda WAF V360 Firmware 8.0.1.014 Early Boot Root Shell Exploit
Firmware reversing of the Barracuda Web Application Firewall uncovered debug features that should have been removed on the production images. Appending a debugging statement onto a grub configuration line leads to an early boot root shell. Firmware version 8.0.1.014 is affected. Title: Barracuda...
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack Exploit
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability. Title: Barracuda WAF Support Tunnel Hijack 1. Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded...
Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity
KL-001-2017-012 : Barracuda WAF Grub Password Complexity Title: Barracuda WAF Grub Password Complexity Advisory ID: KL-001-2017-012 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-012.txt 1. Vulnerability Details Affected Vendor: Barracuda...
Barracuda WAF V360 Firmware 8.0.1.014 Credential Disclosure
KL-001-2017-011 : Barracuda WAF Internal Development Credential Disclosure Title: Barracuda WAF Internal Development Credential Disclosure Advisory ID: KL-001-2017-011 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-011.txt 1. Vulnerability...
Barracuda WAF Early Boot Root Shell
Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded Linux CWE Classification: CWE-489: Leftover Debug Code Impact: Root Access Attack vector: Grub 2. Vulnerability Description Firmware reversing...
CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall
Vulnerability title: Authentication Bypass in Barracuda Web Application Firewall CVE: CVE-2014-2595 Vendor: Barracuda Product: Web Application Firewall Affected version: Firmware v7.8.1.013 Fixed version: N/A Reported by: Nick Hayes Details: It is possible to re-use a link which includes a...
Barracuda WAF Authentication Bypass
Vulnerability title: Authentication Bypass in Barracuda Web Application Firewall CVE: CVE-2014-2595 Vendor: Barracuda Product: Web Application Firewall Affected version: Firmware v7.8.1.013 Fixed version: N/A Reported by: Nick Hayes Details: It is possible to re-use a link which includes a...
Barracuda WAF - Filter Bypass & Persistent Vulnerability
Document Title: =============== Barracuda WAF - Filter Bypass & Persistent Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1208 Video: http://www.youtube.com/watch?v=-yQVyik3Ggo Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1065 Release Date...
Barracuda WAF - Filter Bypass & Persistent Vulnerability
Document Title: =============== Barracuda WAF - Filter Bypass & Persistent Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1208 Video: http://www.youtube.com/watch?v=-yQVyik3Ggo Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1065 Release Date...
Barracuda WAF 660 v7.6.0.028 - Cross Site Vulnerability
Document Title: =============== Barracuda WAF 660 v7.6.0.028 - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=444 Release Date: ============= 2012-03-07 Vulnerability Laboratory ID VL-ID: ==================================== 444...