PT-2019-10764 · Cujo · Cujo Smart Firewall

Published: 2019-10-31 · Updated: 2022-06-07 · CVE-2018-4031

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: CUJO Smart Firewall version 7003

Description: The issue exists in the safe browsing function, where the parsing of HTTP requests is flawed. Specifically, the server hostname extracted from captured HTTP/HTTPS requests is inserted into a Lua statement without proper sanitization, leading to arbitrary Lua script execution in the kernel. This can be exploited by an attacker sending a crafted HTTP request.

Recommendations: For CUJO Smart Firewall version 7003, consider disabling the safe browsing function until a patch is available to prevent arbitrary Lua script execution. Restrict access to the kernel to minimize the risk of exploitation. Avoid using the safe browsing function with untrusted HTTP requests until the issue is resolved.
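
The flaw in the description is a hostname taken from network traffic ending up as part of Lua source text. The following Lua code is an added example, not CUJO's code: `is_valid_hostname`, `lookup` and `handle_host` are hypothetical names, and the `load` pattern mentioned in the comment is an assumed illustration of the bug class. It validates the hostname strictly and passes it as a function argument, so it is only ever handled as data.

```lua
-- Added example, not CUJO code. All function names here are hypothetical.

-- Accept only RFC 1123 style hostnames: ASCII letters, digits, '-' and '.'.
local function is_valid_hostname(host)
  if type(host) ~= "string" or #host == 0 or #host > 253 then
    return false
  end
  -- Quotes, brackets, whitespace and other non-hostname bytes fail here.
  if host:find("[^A-Za-z0-9%.%-]") then
    return false
  end
  -- Each dot-separated label: 1..63 bytes, no leading or trailing hyphen.
  for label in (host .. "."):gmatch("(.-)%.") do
    if #label == 0 or #label > 63 then return false end
    if label:sub(1, 1) == "-" or label:sub(-1) == "-" then return false end
  end
  return true
end

-- Hypothetical stand-in for the safe browsing reputation lookup.
local function lookup(host)
  return "checked:" .. host:lower()
end

-- Unsafe pattern (assumed illustration): assembling Lua source from the
-- hostname, e.g. load("lookup('" .. host .. "')"), turns hostname bytes
-- into code. The hardened form below never builds source text at all.
local function handle_host(host)
  if not is_valid_hostname(host) then
    return nil, "rejected"
  end
  return lookup(host) -- hostname is passed as an argument, i.e. as data
end

-- Constructed sample inputs: one valid name and three malformed ones.
local samples = {
  "www.example.com",
  "bad'host)",
  "-lead.example",
  string.rep("a", 64) .. ".example",
}
for _, h in ipairs(samples) do
  local result, err = handle_host(h)
  print(string.format("%q -> %s", h, result or err))
end
```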

Exploit

Fix

Code Injection

Weakness Enumeration

Related identifiers

CVE-2018-4031

Affected products

Cujo Smart Firewall