CVE-2023-3792
Beijing Netcon NS-ASG test_status.php direct request
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic. This affects an unknown part of the file /admin/test_status.php. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235059. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Es wurde eine Schwachstelle in Beijing Netcon NS-ASG 6.3 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /admin/test_status.php. Dank der Manipulation mit unbekannten Daten kann eine direct request-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-07-20 CVE Reserved
- 2023-07-20 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2025-02-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-425: Direct Request ('Forced Browsing')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.235059 | Technical Description |
| URL | Date | SRC |
|---|---|---|
| https://github.com/CYN521/cve/blob/main/NS-ASG.md | 2024-08-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netentsec Search vendor "Netentsec" | Application Security Gateway Search vendor "Netentsec" for product "Application Security Gateway" | 6.3 Search vendor "Netentsec" for product "Application Security Gateway" and version "6.3" | - |
Affected
| ||||||