| Titel | SQL injection in NS-ASG application security gateway. |
|---|
| Beschreibung | SQL injection vulnerability in the Netcom NS-ASG application security gateway.
Vulnerability points:/protocol/firewall/uploadfirewall.php
The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution. |
|---|
| Quelle | ⚠️ https://github.com/gb111d/ns-asg_poc/ |
|---|
| Benutzer | bows7ring (UID 56631) |
|---|
| Einreichung | 18.10.2023 08:38 (vor 3 Jahren) |
|---|
| Moderieren | 26.10.2023 07:33 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent SQL Injection] |
|---|
| Punkte | 18 |
|---|