CVE-2023-7308
HIGH EXPLOITED
NSFOCUS SecGate3600 Firmware - Unauthenticated Sensitive Information Disclosure via authManageSet.cgi Endpoint
Title source: llm
Exploitation Summary
CVE-2023-7308 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests that retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. The affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-18 UTC.
References (3)
Core References
Exploit: https://github.com/jjjj1029056414/selfpoc/blob/main/wangshen-SecGate3600-information-leakage.py
Product: https://nsfocusglobal.com/products/next-gen-firewall-2/
Third Party Advisory: https://www.vulncheck.com/advisories/secgate3600-firewall-info-disc
Scores
CVSS v3: 7.5
EPSS: 0.0671
EPSS Percentile: 93.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: partial
Details
VulnCheck KEV: 2024-06-18
CWE: CWE-306
Status: published
Products (1): nsfocusglobal/secgate3600_firmware
Published: Aug 27, 2025
Tracked Since: Feb 18, 2026