Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control in TR7's WAF-ASP
Vulnerability Description
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
TR7 WAF-ASP 授权问题漏洞
Vulnerability Description
TR7 WAF-ASP是TR7个人开发者的一款Web应用防火墙软件。 TR7 WAF-ASP v1.0.324.900版本至v1.4.0.117之前版本存在授权问题漏洞,该漏洞源于缺少关键功能身份验证,可能导致身份验证滥用。
CVSS Information
N/A
Vulnerability Type
N/A