CVE-2023-46964

Cross Site Scripting XSS vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering...

Hillstone Next Generation FireWall SG-6000-e3960 Security Vulnerability

Hillstone Networks Next Generation FireWall SG-6000-e3960 is a Web firewall from Hillstone Networks, China. A security vulnerability exists in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5. A remote attacker could exploit this vulnerability to execute arbitrary code by using front-end...

CVE-2023-46964

CVE-2023-46964 affects Hillstone Next Generation Firewall SG-6000-e3960 (v5.5). The issue is a Cross Site Scripting (XSS) vulnerability due to using front-end filtering instead of back-end filtering, enabling a remote attacker to execute arbitrary code. Impact is described as arbitrary code execu...

PT-2023-30274 · Hillstone · Hillstone Next Generation Firewall Sg-6000-E3960

Name of the Vulnerable Software and Affected Versions: Hillstone Next Generation FireWall SG-6000-e3960 version 5.5 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code. This is due to the use of front-end filtering instead of back-end filtering...

CVE-2023-46964

Cross Site Scripting XSS vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering...

CVE-2022-45778

https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 = 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a...

CVE-2022-45778

https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 = 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a...

CVE-2022-45778

https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 = 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a...

CVE-2022-45778

CVE-2022-45778 affects Hillstone Firewall SG-6000 (versions 5.0.4.0 and earlier). The root cause is an Incorrect Access Control in the REPORT module of the Web Application Firewall, enabling an attacker to bypass permissions and access the firewall backend with super administrator privileges. Pub...

Weak Password Vulnerability in SG-6000-E2300 of Shanshi Netcom

SG-6000-E2300 is a firewall product of Shanshi Netcom Technology Beijing Co. A weak password vulnerability exists in the SG-6000-E2300, which can be exploited by attackers to obtain sensitive information...

XSS Vulnerability in SG-6000-W, a Next-Generation Firewall from Shanshi Netcom

SG-6000-W is a firewall product with intrusion prevention technology based on deep application, protocol detection and attack principle analysis. A stored XSS vulnerability exists in the SG-6000-W, which can be exploited by an attacker to obtain an administrator cookie...

Weak Password Vulnerability in SG-6000 Next-Generation Firewall from Shanshi Netcom

SG-6000 Next-Generation Firewall is a firewall product with intrusion prevention technology based on in-depth application, protocol detection and attack principle analysis. A weak password vulnerability exists in SG-6000, which can be exploited by attackers to access the backend management system...