CVE-2017-14705
Published 2017-09-22
Priority: P3 (55) | CVSS 3.0: 8.1 High
Vector: AV:N / AC:H / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 7.36% (93.6th percentile)
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
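The description above gives a practitioner two concrete things to check: whether a deployed build falls inside the affected ranges, and whether anyone has already sent shell metacharacters in the `type` parameter of `/webservices/stream/tail.php`. The block below is an added example, not code from the CVE record, DenyAll, or the Metasploit module; the log lines are constructed, and the combined-log layout is an assumption about how the port-3001 service logs (adapt `REQ_RE` to the real format). The version ranges are taken from the description; treating "i-Suite 5.6" and "WAF 5.7" as whole minor lines is an assumption.

```python
"""Added example for CVE-2017-14705: affected-version check and a simple
log-based detector for the tail.php `type` command-injection pattern."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Shell metacharacters; the description says `type` reaches a shell via
# tailDateFile, so any of these in the decoded value is worth a look.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\\]")

VULN_PATH = "/webservices/stream/tail.php"

# Constructed sample log lines (assumed combined-log layout, not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [22/Sep/2017:10:01:02 +0000] "GET /webservices/stream/tail.php?iToken=abc&type=audit HTTP/1.1" 200 512
10.0.0.9 - - [22/Sep/2017:10:01:07 +0000] "GET /webservices/stream/tail.php?iToken=abc&type=audit%3Bid HTTP/1.1" 200 88
10.0.0.9 - - [22/Sep/2017:10:01:09 +0000] "GET /webservices/stream/tail.php?type=%60id%60 HTTP/1.1" 403 0
10.0.0.7 - - [22/Sep/2017:10:02:00 +0000] "GET /index.php?type=a%3Bb HTTP/1.1" 200 1000
"""

# src, timestamp, method, request target, status (assumed log layout)
REQ_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def find_tail_injections(log_text):
    """Return one record per request to tail.php whose `type` value contains
    shell metacharacters. has_token notes whether an iToken was supplied,
    since the description says one is required (and obtainable via
    CVE-2017-14706)."""
    hits = []
    for line in log_text.splitlines():
        m = REQ_RE.match(line)
        if not m:
            continue
        src, ts, method, target, status = m.groups()
        parts = urlsplit(target)
        if parts.path != VULN_PATH:
            continue
        qs = parse_qs(parts.query, keep_blank_values=True)
        for value in qs.get("type", []):
            decoded = unquote(value)  # parse_qs decoded once; catch double-encoding
            if SHELL_META.search(decoded):
                hits.append({
                    "src": src,
                    "time": ts,
                    "type": decoded,
                    "has_token": "iToken" in qs,
                    "status": int(status),
                })
    return hits


def parse_version(v):
    """'6.4.1' -> (6, 4, 1); tuple comparison gives the ordering we need."""
    return tuple(int(p) for p in v.split("."))


def is_affected(product, version):
    """Map the ranges in the description onto a product/version pair.
    product is 'i-suite' or 'web_application_firewall' (the CPE names)."""
    v = parse_version(version)
    if product == "i-suite":
        # i-Suite LTS 5.5.0 through 5.5.12, and i-Suite 5.6 (assumed: all 5.6.x)
        return (5, 5, 0) <= v <= (5, 5, 12) or v[:2] == (5, 6)
    if product == "web_application_firewall":
        # WAF 5.7 (assumed: all 5.7.x) and WAF 6.x before 6.4.1
        return v[:2] == (5, 7) or (v[:1] == (6,) and v < (6, 4, 1))
    raise ValueError("unknown product: %r" % product)


if __name__ == "__main__":
    for hit in find_tail_injections(SAMPLE_LOG):
        print(hit)
    print(is_affected("web_application_firewall", "6.4.0"),
          is_affected("web_application_firewall", "6.4.1"))
```

A 403 on the request without an iToken still shows someone probing the endpoint; a 200 with metacharacters and a valid token is the case to treat as a likely compromise of the appliance itself.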
Affected (12 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| denyall | i-suite | — | — |
| denyall | i-suite | — | — |
| denyall | i-suite | — | — |
| denyall | i-suite | — | — |
| denyall | i-suite | — | — |
| denyall | i-suite | — | — |
| denyall | web_application_firewall | — | — |
| denyall | web_application_firewall | — | — |
| denyall | web_application_firewall | — | — |
| denyall | web_application_firewall | — | — |
| denyall | web_application_firewall | — | — |
| denyall | web_application_firewall | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.0 | 8.1 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| NVD | 2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
https://github.com/rapid7/metasploit-framework/pull/8980
https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/
https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/