| Titre | SQL injection in NS-ASG application security gateway. |
|---|
| Description | SQL injection vulnerability in the Netcom NS-ASG application security gateway.
Vulnerability points:/protocol/firewall/uploadfirewall.php
The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution. |
|---|
| La source | ⚠️ https://github.com/gb111d/ns-asg_poc/ |
|---|
| Utilisateur | bows7ring (UID 56631) |
|---|
| Soumission | 18/10/2023 08:38 (il y a 3 ans) |
|---|
| Modérer | 26/10/2023 07:33 (8 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent injection SQL] |
|---|
| Points | 18 |
|---|