Vulnerabilities (CVE)

Filtered by vendor Hillstonenet Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-46964 1 Hillstonenet 2 Sc-6000-e3960, Sc-6000-e3960 Firmware 2024-11-21 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering.
CVE-2022-45778 1 Hillstonenet 8 Sc-6000-wv02, Sc-6000-wv02 Firmware, Sc-6000-wv04 and 5 more 2024-11-21 N/A 9.8 CRITICAL
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a configuration error in report.m.
CVE-2024-8073 1 Hillstonenet 1 Web Application Firewall 2024-09-12 N/A 9.8 CRITICAL
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: fromĀ 5.5R6-2.6.7 through 5.5R6-2.8.13.