← back
CVE-2023-30805

Sangfor Next-Gen Application Firewall Login Un Param Command Injection

CVSS 9.8 CRITICALEPSS 65.8%CWE-78
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling of shell meta-characters in the "un" parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Sangfor · Net-Gen Application Firewall
public PoCs found1
cve_referencelabs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/https://vulncheck.com/advisories/sangfor-ngaf-username-rce