Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WatchGuard SOHO和Vclass/RSSA绕过防火墙规则漏洞
Vulnerability Description
WatchGuard SOHO产品运行固件5.1.6及其之前版本且Vclass/RSSA使用3.2 SP1及其之前版本时存在漏洞。远程攻击者通过发送PASV命令字符串绕过防火墙规则,该命令字符串作为FTP服务器另一个命令的参数,该漏洞产生一个包含该字符串的响应,导致IPFilter将该响应视为来自服务器的一个合法PASV命令处理。
CVSS Information
N/A
Vulnerability Type
N/A