Unrated severityNVD Advisory· Published Mar 4, 2009· Updated Apr 23, 2026

CVE-2009-0803

Description

SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

Affected products

Smoothwall/Networkguardian
cpe:2.3:a:smoothwall:networkguardian:2008:*:*:*:*:*:*:*
Smoothwall/Schoolguardian
cpe:2.3:a:smoothwall:schoolguardian:2008:*:*:*:*:*:*:*
Smoothwall/Smoothguardian
cpe:2.3:a:smoothwall:smoothguardian:2008:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/33858nvdVendor Advisory
www.kb.cert.org/vuls/id/435052nvdUS Government Resource
www.kb.cert.org/vuls/id/MAPG-7M6SM7nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000