CVE-2017-14705
published 2017-09-22


Priority: P3 (55, high)
CVSS 3.0: 8.1 (High), vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.36% (93.6th percentile)
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
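The description gives a defender three concrete things to key on: the endpoint /webservices/stream/tail.php, the type parameter, and shell metacharacters inside it (the iToken parameter is a weaker signal, since CVE-2017-14706 lets an attacker obtain one). The following is an added example, not code from the page or from DenyAll: a small Python detector that scans access-log lines for requests that fit that pattern, next to the allowlist check a fixed handler could apply before the value ever reaches a shell. It assumes the appliance's HTTP service on TCP/3001 logs requests in combined log format and that type arrives in the query string (the description does not say whether the parameter is sent by GET or POST; a POST body would not appear in an access log, so pair this with request-body logging or a WAF rule on the same path). The log lines and the allowlist pattern are constructed for the example.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Characters a shell interprets specially. Any of them inside a value that is
# concatenated into a command line is a command-injection indicator.
SHELL_METACHARS = set(";|&$`\n<>(){}*?!\\'\"")

# Endpoint and parameter named in the CVE description.
VULN_PATH = "/webservices/stream/tail.php"
VULN_PARAM = "type"

# One line of Apache/nginx combined log format (assumption: the service on
# TCP/3001 logs in this shape; adapt the regex to your actual log source).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def validate_type_param(value):
    """Allowlist check (illustrative, not the vendor's fix): a log-type name is
    letters, digits, dot, dash or underscore, nothing a shell would interpret."""
    return re.fullmatch(r"[A-Za-z0-9_.-]{1,64}", value) is not None


def parse_query(query):
    """Split the query on '&' only. Older urllib.parse.parse_qs also split on
    ';', which would silently cut an injected ';id' off the value we inspect."""
    params = {}
    for pair in query.split("&"):
        if not pair:
            continue
        key, _, val = pair.partition("=")
        params.setdefault(unquote_plus(key), []).append(unquote_plus(val))
    return params


def inspect_request(target):
    """Return a finding for a request to tail.php whose type value contains
    shell metacharacters or fails the allowlist; None for anything else."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    params = parse_query(parts.query)
    for value in params.get(VULN_PARAM, []):
        bad = sorted(set(value) & SHELL_METACHARS)
        if bad or not validate_type_param(value):
            return {
                "path": parts.path,
                "type": value,
                "metachars": bad,
                "has_itoken": "iToken" in params,
            }
    return None


def scan_log(lines):
    """Run inspect_request over log lines; return the list of findings with
    source address, timestamp and response status attached."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        finding = inspect_request(m.group("target"))
        if finding:
            finding.update(src=m.group("src"), ts=m.group("ts"),
                           status=m.group("status"))
            findings.append(finding)
    return findings


# Constructed sample lines: a benign call, an injected ';id', an injected
# URL-encoded backtick pair without an iToken, and an unrelated endpoint.
SAMPLE_LOG = [
    '10.0.0.5 - - [22/Sep/2017:10:00:01 +0000] "GET /webservices/stream/tail.php?type=access&iToken=abc HTTP/1.1" 200 512',
    '10.0.0.9 - - [22/Sep/2017:10:00:07 +0000] "GET /webservices/stream/tail.php?type=access;id&iToken=abc HTTP/1.1" 200 90',
    '10.0.0.9 - - [22/Sep/2017:10:00:09 +0000] "GET /webservices/stream/tail.php?type=%60id%60 HTTP/1.1" 403 0',
    '10.0.0.5 - - [22/Sep/2017:10:00:12 +0000] "GET /index.php?type=a;b HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} status={f['status']} "
              f"type={f['type']!r} metachars={f['metachars']} iToken={f['has_itoken']}")
```

Two design points matter more than the regex. First, decode the value before inspecting it: the backtick line is only caught because the detector unquotes %60 rather than matching on the raw target. Second, a 403 on a tail.php request with metacharacters is still worth an alert, because a blocked probe usually precedes a successful one once the attacker has obtained an iToken via CVE-2017-14706.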

Affected

12 ranges (6 per product; the per-range version and fixed-in values are not reproduced here, see the version list in the description above: i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, Web Application Firewall 6.x before 6.4.1, fixed in 6.4.1 for the 6.x line)

Vendor    Product                     Ranges
denyall   i-suite                     6
denyall   web_application_firewall    6

CVSS provenance

Source   Version   Score   Severity    Vector
nvd      v3.0      8.1     HIGH        CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd      v2.0      9.3     CRITICAL    AV:N/AC:M/Au:N/C:C/I:C/A:C