CVE-2004-2107

Finjan SurfinGate 6.0 and 7.0 - Unauthenticated Command Execution via FHTTP Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2107. PoCs published by David Byrne.

AI-analyzed exploit summary This exploit demonstrates a vulnerability in Finjan SurfinGate that allows remote attackers to execute management commands via the FHTTP protocol on port 3141/TCP, specifically to restart the server, resulting in a denial of service.

Description

Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.

Exploits (1)

exploitdb WORKING POC VERIFIED

by David Byrne · textremotelinux

https://www.exploit-db.com/exploits/23585

View Code ZIP pw:eip

This exploit demonstrates a vulnerability in Finjan SurfinGate that allows remote attackers to execute management commands via the FHTTP protocol on port 3141/TCP, specifically to restart the server, resulting in a denial of service.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Finjan SurfinGate 6.0

No auth needed

Prerequisites: Network access to port 3141/TCP on the target system

MITRE ATT&CK