CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-41823
https://notcve.org/view.php?id=CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism. El firewall de aplicaciones web (WAF) en Kemp LoadMaster 7.2.54.1 permite ciertos usos de onmouseover para evitar un mecanismo de protección XSS. • https://pastebin.com/kpx9Nvbf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15524 – Kemp Load Balancer WAF 7.2.40 Bypass
https://notcve.org/view.php?id=CVE-2017-15524
The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request. El componente Application Firewall Pack (AFP, también conocido como Web Application Firewall) en los dispositivos Kemp Load Balancer con versiones de software anteriores a la 7.2.40.1 permite que se omita la característica de seguridad mediante una petición HTTP POST. Kemp load balancers with AFP WAF functionality versions 7.1.30 through 7.2.40 suffer from a POST bypass vulnerability. • http://www.securityfocus.com/archive/1/541602/100/0/threaded https://kemptechnologies.com/files/assets/documentation/7.2/release-notes/Release_Notes-LoadMaster.pdf?pdf-file-view=1 https://www.pallas.com/advisories/cve_2017_15524_kemp_afp_waf_bug_on_post_data •