CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2021-45468
https://notcve.org/view.php?id=CVE-2021-45468
Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. Imperva Web Application Firewall (WAF) versiones anteriores a 31-12-2021 permite a atacantes remotos no autenticados usar "Content-Encoding: gzip" para omitir los controles de seguridad del WAF y enviar peticiones HTTP POST maliciosas a servidores web detrás del WAF • https://bishopfox.com/blog/imperva-eliminates-critical-exposure • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14210
https://notcve.org/view.php?id=CVE-2020-14210
Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF in which script can be executed when responding to Request URL information. It provides a function to response to Request URL information when blocking. Vulnerabilidad de Cross-Site Scripting (XSS) reflejada en MONITORAPP WAF en la que se puede ejecutar un script al responder a la información de Request URL. Proporciona una función para responder a la información de Request URL cuando se bloquea • https://github.com/kbgsft/vuln-AIWAF/wiki/Cross-site-scripting%28XSS%29-vulnerability-in-AIWAF-in-MONITORAPP-by-xcuter https://github.com/monitorapp-aicc/report/wiki/CVE-2020-14210 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15524 – Kemp Load Balancer WAF 7.2.40 Bypass
https://notcve.org/view.php?id=CVE-2017-15524
The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request. El componente Application Firewall Pack (AFP, también conocido como Web Application Firewall) en los dispositivos Kemp Load Balancer con versiones de software anteriores a la 7.2.40.1 permite que se omita la característica de seguridad mediante una petición HTTP POST. Kemp load balancers with AFP WAF functionality versions 7.1.30 through 7.2.40 suffer from a POST bypass vulnerability. • http://www.securityfocus.com/archive/1/541602/100/0/threaded https://kemptechnologies.com/files/assets/documentation/7.2/release-notes/Release_Notes-LoadMaster.pdf?pdf-file-view=1 https://www.pallas.com/advisories/cve_2017_15524_kemp_afp_waf_bug_on_post_data •
CVSS: 9.3EPSS: 4%CPEs: 12EXPL: 2CVE-2017-14705
https://notcve.org/view.php?id=CVE-2017-14705
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments. DenyAll WAF en versiones anteriores a la 6.4.1 permite la ejecución remota de comandos sin autenticación mediante el puerto TCP 3001 debido a que los metacaracteres shell se pueden insertar en el parámetro type a la función tailDateFile en /webservices/stream/tail.php. Se necesita un parámetro de autenticación iToken, pero puede obtenerse mediante la explotación de CVE-2017-14706. • https://github.com/rapid7/metasploit-framework/pull/8980 https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 31%CPEs: 12EXPL: 2CVE-2017-14706
https://notcve.org/view.php?id=CVE-2017-14706
DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments. DenyAll WAF en versiones anteriores a la 6.4.1 permite que los atacantes remotos sin autenticar obtengan información de autenticación realizando una petición typeOf=debug a /webservices/download/index.php y, a continuación, leyendo el campo iToken en la respuesta. Esto afecta a DenyAll i-Suite LTS desde la versión 5.5.0 hasta la 5.5.12, i-Suite 5.6, Web Application Firewall 5.7 y las versiones 6.x de Web Application Firewall anteriores a la 6.4.1 con implementaciones On Premises o en la nube de AWS/Azure. • https://github.com/rapid7/metasploit-framework/pull/8980 https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall • CWE-287: Improper Authentication •