Unrated severityNVD Advisory· Published Oct 10, 2023· Updated Nov 28, 2025
Sangfor Next-Gen Application Firewall Authentication Bypass
CVE-2023-30803
Description
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=8.0.17+ 1 more
- (no CPE)range: =8.0.17
- (no CPE)range: 8.0.17
Patches
Vulnerability mechanics
References
3- labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/mitrethird-party-advisoryexploittechnical-description
- vulncheck.com/advisories/sangfor-ngaf-auth-bypassmitrethird-party-advisory
- aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4mitreproduct
News mentions
0No linked articles in our index yet.