Vendor: Firewalls
By: Shadow Brokers
CVSS: 9.3 (HIGH)
Type: Remote Code Execution
CWE: 78
Product Name: Firewalls
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2016

TOPSEC Firewalls – Remote Code Execution (ELIGIBLECANDIDATE)

A vulnerability in TOPSEC Firewalls allows an unauthenticated attacker to execute arbitrary code remotely. This is due to the ELIGIBLECANDIDATE parameter not being properly sanitized before being used in a system call. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server.

Mitigation:

Upgrade to the latest version of TOPSEC Firewalls.

Exploit-DB raw data:

# Exploit Title: TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)
# Date: 19-08-2016
# Exploit Author: Shadow Brokers
# Vendor Homepage: http://www.topsec.com.cn/


Full Exploit:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40273.zip