Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ESAFENET — Vulnerabilities & Security Advisories 50

Browse all 50 CVE security advisories affecting ESAFENET. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ESAFENET operates as a network security solution provider, primarily offering intrusion detection and prevention systems alongside firewall appliances for enterprise environments. Historical analysis of its software reveals a significant accumulation of fifty Common Vulnerabilities and Exposures, predominantly stemming from inadequate input validation and improper access controls. The most frequently exploited flaw classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation vulnerabilities, often resulting from legacy codebases lacking rigorous security testing. These defects have allowed attackers to bypass authentication mechanisms or execute arbitrary commands on affected devices. While specific large-scale breaches directly attributed to ESAFENET remain less publicized compared to major vendors, the high volume of disclosed CVEs indicates persistent weaknesses in its development lifecycle. Organizations utilizing these appliances must prioritize immediate patching and network segmentation to mitigate the risk of exploitation inherent in these documented security gaps.

Top products by ESAFENET: CDG DSM
CVE IDTitleCVSSSeverityPublished
CVE-2025-3401 ESAFENET CDG getLimitIPList.jsp sql injection — CDGCWE-89 7.3 High2025-04-08
CVE-2025-3400 ESAFENET CDG UnChkMailApplication.jsp sql injection — CDGCWE-89 7.3 High2025-04-08
CVE-2025-3399 ESAFENET CDG updateNotice.jsp sql injection — CDGCWE-89 7.3 High2025-04-08
CVE-2025-3003 ESAFENET CDG UserAjax sql injection — CDGCWE-89 6.3 Medium2025-03-31
CVE-2025-2927 ESAFENET CDG getFileTypeList.jsp sql injection — CDGCWE-89 7.3 High2025-03-28
CVE-2025-1845 ESAFENET DSM examExportPDF command injection — DSMCWE-77 6.3 Medium2025-03-03
CVE-2025-1844 ESAFENET CDG backupLogDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-03-03
CVE-2025-1841 ESAFENET CDG ClientSortLog.jsp sql injection — CDGCWE-89 7.3 High2025-03-03
CVE-2025-1840 ESAFENET CDG updateorg.jsp sql injection — CDGCWE-89 7.3 High2025-03-02
CVE-2025-1158 ESAFENET CDG addPolicyToSafetyGroup.jsp sql injection — CDGCWE-89 6.3 Medium2025-02-10
CVE-2025-0795 ESAFENET CDG todolistjump.jsp cross site scripting — CDGCWE-79 3.5 Low2025-01-29
CVE-2025-0794 ESAFENET CDG todoDetail.jsp cross site scripting — CDGCWE-79 3.5 Low2025-01-29
CVE-2025-0793 ESAFENET CDG todoDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-29
CVE-2025-0792 ESAFENET CDG sdTodoDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-29
CVE-2025-0791 ESAFENET CDG sdDoneDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-28
CVE-2025-0790 ESAFENET CDG doneDetail.jsp cross site scripting — CDGCWE-79 3.5 Low2025-01-28
CVE-2025-0789 ESAFENET CDG doneDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-28
CVE-2025-0788 ESAFENET CDG content_top.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-28
CVE-2025-0787 ESAFENET CDG appDetail.jsp cross site scripting — CDGCWE-79 3.5 Low2025-01-28
CVE-2025-0786 ESAFENET CDG appDetail.jsp sql injection — CDGCWE-89 6.3 Medium2025-01-28
CVE-2025-0785 ESAFENET CDG SysConfig.jsp cross site scripting — CDGCWE-79 3.5 Low2025-01-28
CVE-2024-10660 ESAFENET CDG HookService.java deleteHook sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10659 ESAFENET CDG CDGAuthoriseTempletService.java delSystemEncryptPolicy sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10613 ESAFENET CDG SystemEncryptPolicyService.java delSystemEncryptPolicy sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10612 ESAFENET CDG HookInvalidCourseService.java removeHookInvalidCourse sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10611 ESAFENET CDG PrintScreenListService.java delProtocol sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10610 ESAFENET CDG ProtocolService.java delProtocol sql injection — CDGCWE-89 6.3 Medium2024-11-01
CVE-2024-10597 ESAFENET CDG PolicyActionService.java delPolicyAction sql injection — CDGCWE-89 6.3 Medium2024-10-31
CVE-2024-10596 ESAFENET CDG EncryptPolicyTypeService.java delEntryptPolicySort sql injection — CDGCWE-89 6.3 Medium2024-10-31
CVE-2024-10595 ESAFENET CDG PublicDocInfoAjax.java delDifferCourseList sql injection — CDGCWE-89 6.3 Medium2024-10-31

This page lists every published CVE security advisory associated with ESAFENET. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.