VYPR
Vendor

Denyall

Products
3
CVEs
4
Across products
6
Status
Private

Products

3

Recent CVEs

4
  • CVE-2017-14706CriSep 22, 2017
    risk 0.69cvss 9.8epss 0.28

    DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12,…

  • CVE-2014-2595CriFeb 12, 2020
    risk 0.68cvss 9.8epss 0.17

    Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.

  • CVE-2017-14705HigSep 22, 2017
    risk 0.53cvss 8.1epss 0.07

    DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be…

  • CVE-2020-14210MedJun 16, 2020
    risk 0.40cvss 6.1epss 0.01

    Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF in which script can be executed when responding to Request URL information. It provides a function to response to Request URL information when blocking.