| Titolo | SQL injection in NS-ASG application security gateway. |
|---|
| Descrizione | SQL injection vulnerability in the Netcom NS-ASG application security gateway.
Vulnerability points:/protocol/firewall/uploadfirewall.php
The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution. |
|---|
| Fonte | ⚠️ https://github.com/gb111d/ns-asg_poc/ |
|---|
| Utente | bows7ring (UID 56631) |
|---|
| Sottomissione | 18/10/2023 08:38 (3 anni fa) |
|---|
| Moderazione | 26/10/2023 07:33 (8 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent iniezione SQL] |
|---|
| Punti | 18 |
|---|