Gửi #222291: SQL injection in NS-ASG application security gateway.thông tin

tiêu đềSQL injection in NS-ASG application security gateway.
Mô tảSQL injection vulnerability in the Netcom NS-ASG application security gateway. Vulnerability points:/protocol/firewall/uploadfirewall.php The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution.
Nguồn⚠️ https://github.com/gb111d/ns-asg_poc/
Người dùng
 bows7ring (UID 56631)
Đệ trình18/10/2023 08:38 (cách đây 3 những năm)
Kiểm duyệt26/10/2023 07:33 (8 days later)
Trạng tháiđược chấp nhận
Mục VulDB243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent Tiêm SQL]
điểm18

Want to know what is going to be exploited?

We predict KEV entries!