WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote malicious users to cause a denial of service (hang) via a URL containing an MS-DOS device name such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openconnect webconnect 6.5 |
||
openconnect webconnect 6.4.4 |