PT-2023-6170 · Sangfor · Sangfor Next-Gen Application Firewall

Watchtowr Labs · Published 2023-10-10 · Updated 2025-11-28 · CVE-2023-30802

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Sangfor Next-Gen Application Firewall version NGAF8.0.17

Description

The issue is related to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field. This allows the attacker to access sensitive information.

Recommendations

For Sangfor Next-Gen Application Firewall version NGAF8.0.17, consider restricting access to the HTTP endpoint that handles requests with the Content-Length field until a patch is available. As a temporary workaround, disabling the handling of invalid Content-Length fields may help mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Exposure of Resource to Wrong Sphere

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2023-06876
BDU:2023-06879
CVE-2023-30802

Affected Products

Sangfor Next-Gen Application Firewall