hundanchen69/cve

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-3458 ↗	Apr 8, 2024Monday, 8 April 2024, 18:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /admin/add_ikev2.php. The manipulation of the argument TunnelId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259714 is the identifier assigned to this vulnerability.
CVE-2024-30867 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	9.8 CRITICAL	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php.
CVE-2024-30863 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	6.3 MEDIUM	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php.
CVE-2024-30862 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	8.8 HIGH	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php.
CVE-2024-30861 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	5.3 MEDIUM	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php.
CVE-2024-30860 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	8.8 HIGH	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php.
CVE-2024-30859 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	8.8 HIGH	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php.
CVE-2024-30858 ↗	Apr 1, 2024Monday, 1 April 2024, 16:15	9.8 CRITICAL	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php.
CVE-2024-30866 ↗	Apr 1, 2024Monday, 1 April 2024, 15:16	5.4 MEDIUM	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php.
CVE-2024-30865 ↗	Apr 1, 2024Monday, 1 April 2024, 15:15	9.8 CRITICAL	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php.
CVE-2024-30864 ↗	Apr 1, 2024Monday, 1 April 2024, 15:15	6.3 MEDIUM	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupTimePolicy.php.
CVE-2024-30872 ↗	Apr 1, 2024Monday, 1 April 2024, 13:17	5.1 MEDIUM	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php.
CVE-2024-30871 ↗	Apr 1, 2024Monday, 1 April 2024, 13:17	8.8 HIGH	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/applyhardware.php.
CVE-2024-30870 ↗	Apr 1, 2024Monday, 1 April 2024, 13:17	8.8 HIGH	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address_interpret.php.
CVE-2024-30868 ↗	Apr 1, 2024Monday, 1 April 2024, 13:17	9.8 CRITICAL	—
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php.
CVE-2024-2644 ↗	Mar 19, 2024Tuesday, 19 March 2024, 22:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257282 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.