cbcvebase.

Algosec Firewall Analyzer vulnerabilities

4 known vulnerabilities affecting algosec/firewall_analyzer.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-12382P3HIGHCVSS 8.8va33.0va33.10+2 more2025-11-12
CVE-2025-12382 [HIGH] CWE-22 CVE-2025-12382: Improper Limitation of a Pathname 'Path Traversal') vulnerability in Algosec Firewall Analyzer on Li Improper Limitation of a Pathname 'Path Traversal') vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload files to a restricted directory leading to code injection. This issue affects Algosec Firewall Analyzer: A33.0 (up to build 320), A33.10 (up to build 210).
nvd
CVE-2025-12381P3HIGHCVSS 7.8va33.0va33.10+2 more2025-12-09
CVE-2025-12381 [HIGH] CWE-269 CVE-2025-12381: Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Pri Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection. A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file. This issue affects Firewall Analyzer: A33.0, A33.10.
nvd
CVE-2013-5092P4MEDIUMCVSS 4.3PoCv6.12014-01-29
CVE-2013-5092 [MEDIUM] CWE-79 CVE-2013-5092: Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 a Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
nvd
CVE-2013-7318P4MEDIUMCVSS 4.3v6.42014-01-29
CVE-2013-7318 [MEDIUM] CWE-79 CVE-2013-7318: Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allo Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
nvd
Algosec Firewall Analyzer vulnerabilities | cvebase