Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SecGate3600 Firewall Information Disclosure via authManageSet.cgi
Vulnerability Description
SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-18 UTC.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
QiAnXin SecGate3600 安全漏洞
Vulnerability Description
QiAnXin SecGate3600是中国奇安信(QiAnXin)公司的一款新一代防火墙安全产品。 QiAnXin SecGate3600存在安全漏洞,该漏洞源于身份验证检查不足,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A