Description

The Sangfor NGAF has an authentication bypass vulnerability. An attacker can bypass the authentication with a specially crafted HTTP request and get access to the system.

Remediation

Upgrade to the latest version of Sangfor NGAF

References

Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor Edition

Related Vulnerabilities

Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6)

WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Security Bypass (1.0.27)

WordPress Plugin SiteGround Security Security Bypass (1.2.5)

WordPress Plugin Mobile blocks Security Bypass (1.0)

WordPress Plugin WP Munich Blocks-Gutenberg Blocks for WordPress Security Bypass (0.7.2)

Severity

High

Classification

CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Authentication Bypass