Nsuwyh

**Name of the Vulnerable Software and Affected Versions** Netentsec NS-ASG Application Security Gateway version 6.3 **Description** A critical issue affects some unknown functionality of the file /admin/config Anticrack.php, where the manipulation of the `GroupId` argument leads to SQL injection. This can be exploited remotely. The issue is related to the lack of protection of the SQL query structure. **Recommendations** For version 6.3, as a temporary workaround, consider restricting access to the /admin/config Anticrack.php file and avoiding the use of the `GroupId` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.