CVE-2023-7308

Name of the Vulnerable Software and Affected Versions: SecGate3600 (affected versions not specified)

Description: SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure issue. The vulnerable component fails to enforce authentication checks on POST requests to the /cgi-bin/authUser/authManageSet.cgi endpoint, allowing an unauthenticated remote attacker to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.