EUVD-2014-7035

Malware in sbrugna...

EUVD-2014-7034

Malware in sbrugna...

EUVD-2017-15682

Malware in sbrugna...

Fortinet FortiClient Hardcoding Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A hard-coded vulnerability exists in Fortinet FortiClien...

Fortinet FortiClient for Windows权限提升漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. executable file in the FortiClient installer...

Vulnerabilities fixed in Citrix ADC, Gateway and SDWAN WAN-OP

Citrix has fixed vulnerabilities in Citrix ADC formerly NetScaler ADC, Gateway formerly NetScaler Gateway and SDWAN WAN-OP. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data by taking over sessions. To cause a Denial-of-Service, the...

Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller ADC, Gateway, and SD-WAN WAN Optimization edition WANOP networking products. Successful exploitation of these critical flaws could let unauthenticated attackers...

Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.7.4, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24...

Ecessa ShieldLink SL175EHQ &lt; 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Exploit Title: Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery Add Superuser Date: 2018-05-21 Vendor: Ecessa Corporation Product web page: https://www.ecessa.com Affected version: 10.7.4, 10.6.9, 10.7.4, 10.6.5.2, 10.5.4, 10.2.24, 9.2.24 Summary: Ecessa's ShieldLink 60, 175, 600,12...

Ecessa ShieldLink SL175EHQ 10.7.4 CSRF Add Superuser Exploit

Summary Ecessa's ShieldLink 60, 175, 600,1200 & 4000 are advanced, yet highly affordable secure WAN Optimization Controllers that incorporate all of the ISP/WAN link. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity...

Citrix SD-WAN Warning: EE provisioning error WAN Optimization is not provisioned. Please use single step upgrade to upgrade your network and schedule installation

After an upgrade to version 10.x the following Warning message is displayed in the GUI:...

Sonicwall WXA5000 Console Jail Escape and Privilege Escalation

Vulnerability Details Affected Vendor: Sonicwall Affected Product: WXA5000 WAN Optimization Appliance Affected Version: 1.3.2-10-30 Platform: Embedded Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command Impact: Root Access Attack vector: Console 2...

CVE-2017-14602 - Authentication Bypass Vulnerability in the Management Interface of Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition Appliances

Description of Problem A vulnerability has been identified in the management interface of the Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition appliances. This vulnerability, if exploited, could allow an attacker with access to the management interface of the...

Code Execution Vulnerability in LotWan WAN Optimization System

AppEx LotWan is a WAN optimization and acceleration product. A remote command execution vulnerability exists in AppEx LotWan, which exists in /acc/checkinstancestate.php and can be exploited by an attacker to execute system commands without authorization...

Design/Logic Flaw

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...

Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to...

FAQ: What are the Difference Between WANOP, Standard and Enterprise Edition Licenses of NetScaler SD-WAN ?

Q: What is the difference between WANOP, Standard and Enterprise Edition license of NetScaler SD-WAN? A : With WANOPEdition License you can only have WAN Optimization feature which is applicable on NetScaler SD-WAN Version 7.x and below, 9.0.1, 9.1.0 +. With Standard Edition License you can only...

F5 Networks BIG-IP : QEMU vulnerability (SOL51841514)

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WINREADNATIVEMAX command to an empty drive, which triggers a...

F5 Networks BIG-IP : Linux kernel vulnerability (SOL16477)

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)

The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a 'stack extension attack,' a related issue to...