Published: 19/09/2017 Updated: 27/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Astaro Security Gateway Firmware

Astaro Security Gateway (aka ASG) 7 allows remote malicious users to execute arbitrary code via a crafted request to index.plx.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sophos astaro_security_gateway_firmware 7.500
sophos astaro_security_gateway_firmware 7.506

#!/usr/bin/python # Astaro Security Gateway v7 - Unauthenticated Remote Code Execution # Exploit Authors: Jakub Palaczynski and Maciej Grabiec # Tested on versions: 7500 and 7506 # Date: 13122016 # Vendor Homepage: wwwsophoscom/ # CVE: CVE-2017-6315 import socket import sys import os import threading import subprocess import time # ...

Astaro Security Gateway 7 suffers from a remote code execution vulnerability ...

CWE-20 https://www.exploit-db.com/exploits/42726/https://nvd.nist.gov https://www.exploit-db.com/exploits/42726/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6315

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect