CVE-2023-26213

Published: 03/03/2023 Updated: 10/03/2023
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0

Vulnerability Summary

On Barracuda CloudGen WAN Private Edge Gateway devices prior to 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated malicious user to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.

Vulnerable Product

barracuda t100b_firmware 8.3.1

barracuda t200c_firmware 8.3.1

barracuda t400c_firmware 8.3.1

barracuda t600d_firmware 8.3.1

barracuda t900b_firmware 8.3.1

barracuda t93a_firmware 8.3.1

barracuda t193a_firmware 8.3.1

Exploits

Barracuda CloudGen WAN provides a private edge appliance for hybrid deployments. An authenticated user in the administration interface for the private edge virtual appliance can inject arbitrary OS commands via the /ajax/update_certificate endpoint. Versions prior to v8* hotfix 1089 are affected ...