漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
SecGate3600 Firewall Information Disclosure via authManageSet.cgi
Vulnerability Description
SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-18 UTC.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
QiAnXin SecGate3600 安全漏洞
Vulnerability Description
QiAnXin SecGate3600是中国奇安信(QiAnXin)公司的一款新一代防火墙安全产品。 QiAnXin SecGate3600存在安全漏洞,该漏洞源于身份验证检查不足,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A