Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
accellion fta vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2017-8794
An issue exists on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.
Accellion File Transfer Appliance
4.3
CVSSv2
CVE-2017-8760
An issue exists on Accellion FTA devices before FTA_9_12_180. There is XSS in courier/1000@/index.html with the auth_params parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to ...
Accellion File Transfer Appliance
6.8
CVSSv2
CVE-2017-8793
An issue exists on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the malicious use...
Accellion File Transfer Appliance
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3