CVE-2017-14705

Name of the Vulnerable Software and Affected Versions DenyAll WAF versions 5.5.0 through 5.5.12 DenyAll WAF version 5.6 DenyAll WAF version 5.7 DenyAll WAF versions 6.x before 6.4.1

Description The issue allows unauthenticated remote command execution via TCP port 3001. This is possible because shell metacharacters can be inserted into the type parameter to the tailDateFile function in "/webservices/stream/tail.php". An iToken authentication parameter is required but can be obtained by exploiting another issue.

Recommendations For DenyAll WAF versions 5.5.0 through 5.5.12, update to version 6.4.1 or later. For DenyAll WAF version 5.6, update to version 6.4.1 or later. For DenyAll WAF version 5.7, update to version 6.4.1 or later. For DenyAll WAF versions 6.x before 6.4.1, update to version 6.4.1 or later. As a temporary workaround, consider restricting access to the "/webservices/stream/tail.php" endpoint and the tailDateFile function until a patch is available.