Vulnerabilities > Denyall

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-22	CVE-2017-14706	Improper Authentication vulnerability in Denyall I-Suite and web Application Firewall DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. network low complexity denyall CWE-287 critical	9.8
2017-09-22	CVE-2017-14705	OS Command Injection vulnerability in Denyall I-Suite and web Application Firewall DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. network high complexity denyall CWE-78	8.1

Vulnerabilities > Denyall {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Denyall"}]}