Unrated severityNVD Advisory· Published Oct 10, 2023· Updated Nov 28, 2025
Sangfor Next-Gen Application Firewall Source Code Disclosure
CVE-2023-30802
Description
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 8.0.17+ 1 more
- (no CPE)range: = 8.0.17
- (no CPE)range: 8.0.17
Patches
Vulnerability mechanics
References
3- labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/mitrethird-party-advisoryexploittechnical-description
- vulncheck.com/advisories/sangfor-ngaf-sourcemitrethird-party-advisory
- aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4mitreproduct
News mentions
0No linked articles in our index yet.