IDCVSSSummaryLast (major) updatePublished
CVE-2017-14705 9.3
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication par
03-10-2019 - 00:03 22-09-2017 - 18:29
CVE-2017-14706 7.5
DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LT
05-10-2017 - 14:07 22-09-2017 - 18:29
Back to Top Mark selected
Back to Top