Browse all 5 CVE security advisories affecting AlgoSec. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AlgoSec specializes in security policy management and application vulnerability assessment, helping organizations identify and remediate security flaws in their network infrastructure and applications. Historically, the company's products have been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. AlgoSec has recorded five CVEs, primarily related to improper input validation and access control weaknesses in its policy management solutions. While no major security incidents have been publicly documented, these vulnerabilities could allow attackers to bypass security controls or gain unauthorized access to sensitive systems if exploited.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12381 | Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer | Firewall Analyzer | CWE-269 | 7.8 (AI) | High (AI) | 2025-12-09 |
| CVE-2025-12382 | Path Traversal Allows Remote Code Execution in AlgoSec Firewall Analyzer | Firewall Analyzer | CWE-22 | 8.8 | - | 2025-11-12 |
| CVE-2023-46596 | Improper input validation in FireFlow’s VisualFlow workflow editor | Algosec FireFlow | CWE-79 | 5.1 | Medium | 2024-02-15 |
| CVE-2023-46595 | Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor | Algosec FireFlow | CWE-79 | 5.9 | Medium | 2023-11-02 |
| CVE-2022-36783 | AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) | FireFlow A32.0 | - | 6.5 | Medium | 2022-10-25 |
This page lists every published CVE security advisory associated with AlgoSec. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.