Netentsec · Netentsec Ns-Asg Application Security Gateway · CVE-2024-2647
**Name of the Vulnerable Software and Affected Versions**
Netentsec NS-ASG Application Security Gateway version 6.3
**Description**
A critical issue has been found in the processing of the file "/admin/singlelogin.php". The manipulation of the `loginId` argument leads to SQL injection. The attack may be initiated remotely.
**Recommendations**
For Netentsec NS-ASG Application Security Gateway version 6.3, as a temporary workaround, consider restricting access to the "/admin/singlelogin.php" file until a patch is available. Additionally, avoid using the `loginId` argument in the affected file to minimize the risk of exploitation.