CVE-2014-9605

Name of the Vulnerable Software and Affected Versions Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2

Description The issue allows remote attackers to bypass authentication and perform certain actions on the server, such as creating a system backup tarball, restarting the server, or stopping the filters. This can be achieved by including a ' (single quote) character in the login and password parameters to the "webupgrade/webupgrade.php" endpoint.

Recommendations For Netsweeper versions prior to 3.1.10, update to version 3.1.10 or later. For Netsweeper versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For Netsweeper versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later. As a temporary workaround, consider restricting access to the "webupgrade/webupgrade.php" endpoint until a patch is available. Avoid using the login and password parameters with unvalidated input in the affected endpoint until the issue is resolved.