hundanchen69

16 exploits Active since Mar 2024
CVE-2024-2644 WRITEUP MEDIUM WRITEUP
Netentsec NS-ASG 6.3 - SQL Injection
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257282 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 6.3
CVE-2024-30858 WRITEUP CRITICAL WRITEUP
netentsec ns-asg_firmware 6.3 - SQL Injection via /admin/edit_fire_wall.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php.
CVSS 9.8
CVE-2024-30859 WRITEUP HIGH WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via /admin/config_ISCGroupSSLCert.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php.
CVSS 8.8
CVE-2024-30860 WRITEUP HIGH WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via export_excel_user.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php.
CVSS 8.8
CVE-2024-30861 WRITEUP MEDIUM WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via IPsec Guide Configuration
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php.
CVSS 5.3
CVE-2024-30862 WRITEUP HIGH WORKING POC
netentsec NS-ASG 6.3 - SQL Injection via /3g/index.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php.
CVSS 8.8
CVE-2024-30863 WRITEUP MEDIUM WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via /WebPages/history.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php.
CVSS 6.3
CVE-2024-30864 WRITEUP MEDIUM WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via config_ISCGroupTimePolicy.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupTimePolicy.php.
CVSS 6.3
CVE-2024-30865 WRITEUP CRITICAL WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via edit_user_login.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php.
CVSS 9.8
CVE-2024-30866 WRITEUP MEDIUM WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via /3g/menu.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php.
CVSS 5.4
CVE-2024-30867 WRITEUP CRITICAL WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via edit_virtual_site_info.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php.
CVSS 9.8
CVE-2024-30868 WRITEUP CRITICAL WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via /admin/add_getlogin.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php.
CVSS 9.8
CVE-2024-30870 WRITEUP HIGH WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via /admin/address_interpret.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address_interpret.php.
CVSS 8.8
CVE-2024-30871 WRITEUP HIGH WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via applyhardware.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/applyhardware.php.
CVSS 8.8
CVE-2024-30872 WRITEUP MEDIUM WRITEUP
netentsec NS-ASG 6.3 - SQL Injection via authrp.php
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php.
CVSS 5.1
CVE-2024-3458 WRITEUP MEDIUM WRITEUP
Netentsec NS-ASG Application Security Gateway 6.3 - SQL Injection via TunnelId Parameter
A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /admin/add_ikev2.php. The manipulation of the argument TunnelId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259714 is the identifier assigned to this vulnerability.
CVSS 6.3