Sangfor Next-Gen Application Firewall PHPSESSID Command Injection | VulnCheck Advisories

Go back

Sangfor Next-Gen Application Firewall PHPSESSID Command Injection

severity: critical
date: October 10, 2023
Affecting: Sangfor NGAF 8.0.17.364 (AWS)
CVE: CVE-2023-30806
CVE type: OS command injection
CVSS: 9.8
CVSS V3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References: Software
Research Advisory