Published: 22/09/2017 Updated: 03/10/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

DenyAll WAF prior to 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 up to and including 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x prior to 6.4.1, with On Premises or AWS/Azure cloud deployments.

Vulnerable Product	Search on Vulmon	Subscribe to Product
denyall web application firewall 6.4.0
denyall web application firewall 6.3.0
denyall i-suite 5.6.0
denyall i-suite 5.5.12
denyall i-suite 5.5.11
denyall i-suite 5.5.10
denyall web application firewall 6.1.0
denyall web application firewall 5.7.0
denyall i-suite 5.5.9
denyall web application firewall 6.2.0
denyall web application firewall 6.0.0
denyall i-suite 5.5.0

CWE-78 https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/https://github.com/rapid7/metasploit-framework/pull/8980 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-14705

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect