Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ESAFENET — Vulnerabilities & Security Advisories 50

Browse all 50 CVE security advisories affecting ESAFENET. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ESAFENET operates as a network security solution provider, primarily offering intrusion detection and prevention systems alongside firewall appliances for enterprise environments. Historical analysis of its software reveals a significant accumulation of fifty Common Vulnerabilities and Exposures, predominantly stemming from inadequate input validation and improper access controls. The most frequently exploited flaw classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation vulnerabilities, often resulting from legacy codebases lacking rigorous security testing. These defects have allowed attackers to bypass authentication mechanisms or execute arbitrary commands on affected devices. While specific large-scale breaches directly attributed to ESAFENET remain less publicized compared to major vendors, the high volume of disclosed CVEs indicates persistent weaknesses in its development lifecycle. Organizations utilizing these appliances must prioritize immediate patching and network segmentation to mitigate the risk of exploitation inherent in these documented security gaps.

Top products by ESAFENET: CDG DSM
CVE IDTitleCVSSSeverityPublished
CVE-2024-10594 ESAFENET CDG FileDirectoryService.java docHistory sql injection — CDGCWE-89 6.3 Medium2024-10-31
CVE-2024-10502 ESAFENET CDG FileDirectoryService.java getOneFileDirectory sql injection — CDGCWE-89 6.3 Medium2024-10-30
CVE-2024-10501 ESAFENET CDG ExamCDGDocService.java findById sql injection — CDGCWE-89 6.3 Medium2024-10-30
CVE-2024-10500 ESAFENET CDG HookWhiteListService.java sql injection — CDGCWE-89 6.3 Medium2024-10-30
CVE-2024-10379 ESAFENET CDG DecryptApplicationService.java actionViewDecyptFile path traversal — CDGCWE-24 4.3 Medium2024-10-25
CVE-2024-10378 ESAFENET CDG CDGRenewApplicationService.java actionViewCDGRenewFile sql injection — CDGCWE-89 6.3 Medium2024-10-25
CVE-2024-10377 ESAFENET CDG DecryptApplicationService.java actionPassDecryptApplication1 sql injection — CDGCWE-89 6.3 Medium2024-10-25
CVE-2024-10376 ESAFENET CDG AutoSignService.java actionPassOrNotAutoSign sql injection — CDGCWE-89 6.3 Medium2024-10-25
CVE-2024-10279 ESAFENET CDG PrintPolicyService.java sql injection — CDGCWE-89 6.3 Medium2024-10-23
CVE-2024-10278 ESAFENET CDG ReUserOrganiseService.java sql injection — CDGCWE-89 6.3 Medium2024-10-23
CVE-2024-10277 ESAFENET CDG UsbKeyAjax.java sql injection — CDGCWE-89 6.3 Medium2024-10-23
CVE-2024-10135 ESAFENET CDG NetSecConfigService.java actionDelNetSecConfig sql injection — CDGCWE-89 6.3 Medium2024-10-19
CVE-2024-10134 ESAFENET CDG MultiServerAjax.java connectLogout sql injection — CDGCWE-89 6.3 Medium2024-10-19
CVE-2024-10133 ESAFENET CDG NetSecPolicyAjax.java updateNetSecPolicyPriority sql injection — CDGCWE-89 6.3 Medium2024-10-19
CVE-2024-10072 ESAFENET CDG EncryptPolicyService.java actionAddEncryptPolicyGroup sql injection — CDGCWE-89 6.3 Medium2024-10-17
CVE-2024-10071 ESAFENET CDG EncryptPolicyService.java actionUpdateEncryptPolicyEdit sql injection — CDGCWE-89 6.3 Medium2024-10-17
CVE-2024-10070 ESAFENET CDG PolicyPushControlAction.java actionPolicyPush sql injection — CDGCWE-89 6.3 Medium2024-10-17
CVE-2024-10069 ESAFENET CDG MailDecryptApplicationService.java actionPassMainApplication sql injection — CDGCWE-89 6.3 Medium2024-10-17
CVE-2024-9560 ESAFENET CDG Catelogs;logindojojs delCatelogs sql injection — CDGCWE-89 6.3 Medium2024-10-06
CVE-2024-9536 ESAFENET CDG MultiServerBackService sql injection — CDGCWE-89 6.3 Medium2024-10-05

This page lists every published CVE security advisory associated with ESAFENET. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.