CVE-2024-8073

Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.8.13:*:*:*:*:*:*:*

History

12 Sep 2024, 20:58

Type Values Removed Values Added
CWE CWE-77
CPE cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.8.13:*:*:*:*:*:*:*
cpe:2.3:a:hillstonenet:web_application_firewall:5.5r6-2.6.7:*:*:*:*:*:*:*
First Time Hillstonenet web Application Firewall
Hillstonenet
References () https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/ - () https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/ - Vendor Advisory

26 Aug 2024, 12:47

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de validación de entrada incorrecta en Hillstone Networks Hillstone Networks Web Application Firewall en 5.5R6 permite la inyección de comandos. Este problema afecta al Hillstone Networks Web Application Firewall: desde 5.5R6-2.6.7 hasta 5.5R6-2.8.13.

26 Aug 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 03:15

Updated : 2024-09-12 20:58


NVD link : CVE-2024-8073

Mitre link : CVE-2024-8073

CVE.ORG link : CVE-2024-8073


JSON object : View

Products Affected

hillstonenet

  • web_application_firewall
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-20

Improper Input Validation