CVE-2023-30805

Name of the Vulnerable Software and Affected Versions Sangfor Next-Gen Application Firewall version NGAF8.0.17

Description The issue is related to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the "/LogInOut.php" endpoint. This vulnerability is due to the mishandling of shell meta-characters in the un parameter.

Recommendations For Sangfor Next-Gen Application Firewall version NGAF8.0.17, as a temporary workaround, consider restricting access to the "/LogInOut.php" endpoint until a patch is available. Additionally, avoid using the un parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.