Lucene search
K
AlgosecFirewall Analyzer

4 matches found

CVE
CVE
added 2014/01/29 6:0 p.m.47 views

CVE-2013-5092

CVE-2013-5092 is a reported XSS vulnerability in the file afa/php/Login.php of AlgoSec Firewall Analyzer 6.1-b86 . The vulnerability allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter. The NVD entry lists a Medium base score (CVSS 2.0: 4.3) with network att...

4.3CVSS5.9AI score0.03247EPSS
Web
CVE
CVE
added 2014/01/29 6:0 p.m.47 views

CVE-2013-7318

AlgoSec Firewall Analyzer 6.4 has an XSS vulnerability in the BusinessFlow/login path, exploitable via the message parameter to inject arbitrary script/HTML. The root cause is an XSS condition in the login flow; remote attackers could induce script execution in a victim’s browser. The provided do...

4.3CVSS5.9AI score0.00984EPSS
Web
CVE
CVE
added 2025/11/12 9:37 a.m.19 views

CVE-2025-12382

Algosec Firewall Analyzer (Linux, 64‑bit) is affected by a Path Traversal leading to code injection due to an improper limitation of a pathname. Root cause: improper restriction of pathnames to restricted directories. Affected versions: A33.0 up to build 320; A33.10 up to build 210. Impact: an au...

8.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2025/12/09 1:41 p.m.12 views

CVE-2025-12381

AlgoSec Firewall Analyzer (Linux, 64‑bit) is affected by CVE-2025-12381 due to improper privilege management in a sudoers‑authorized command. A local user with CLI access can escalate privileges by abusing parameters of that approved command, enabling privilege escalation and parameter injection....

7.8CVSS6.5AI score0.00137EPSS