PT-2024-38787 · Hillstone Networks · Hillstone Networks Web Application Firewall

Published: 2024-08-25 · Updated: 2024-10-02 · CVE-2024-8073

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Hillstone Networks Web Application Firewall versions 5.5R6-2.6.7 through 5.5R6-2.8.13
Description: An Improper Input Validation vulnerability in Hillstone Networks Web Application Firewall allows Command Injection. Because input is validated incorrectly, an attacker can perform Remote Code Execution (RCE) on the affected device.
Recommendations: For versions 5.5R6-2.6.7 through 5.5R6-2.8.13, update to version 5.5R6-2.6.8 or higher to resolve the issue. As a temporary workaround, consider restricting access to vulnerable components until a patch is applied.

Fix

RCE

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2024-8073

Affected Products

Hillstone Networks Web Application Firewall