CVE-2017-18001

Name of the Vulnerable Software and Affected Versions Trustwave Secure Web Gateway (SWG) versions prior to 11.8.0.28

Description The issue is related to errors in cryptographic key management. It allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access. This can be achieved via the publicKey parameter to the "/sendKey" URI.

Recommendations For Trustwave Secure Web Gateway (SWG) versions prior to 11.8.0.28, update to version 11.8.0.28 or later to resolve the issue. As a temporary workaround, consider restricting access to the /sendKey URI to minimize the risk of exploitation. Avoid using the publicKey parameter in the affected HTTP POST request until the issue is resolved.