Netasq UTM suffer from bypassing metacharacters filter

2012.07.29

Credit: coolkaveh

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Title:Netasq UTM suffer from bypassing metacharacters filter
coolkaveh Advisory
coolkaveh () rocketmail com
Https://twitter.com/coolkaveh
Product : Netasq utm
Vendor Homepage: http://netasq.com
Criticality level : High
Description : A vulnerability has been discovered in Netasq UTM, which
can be exploited by malicious people to bypass metacharacters filter
provided by Netasq UTM. Input passed via the method POST is not
properly filtering before being passes to the webserver. This can be
exploited to SQL injection and etc.
Credit : coolkaveh

References:

https://twitter.com/coolkaveh

http://netasq.com

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Netasq UTM suffer from bypassing metacharacters filter

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.