Vulnerabilities > Sangfor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-30802 | Exposure of Resource to Wrong Sphere vulnerability in Sangfor Next-Gen Application Firewall 8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. | 5.3 |
| 2023-10-10 | CVE-2023-30803 | Authentication Bypass by Spoofing vulnerability in Sangfor Next-Gen Application Firewall 8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. | 9.8 |
| 2023-10-10 | CVE-2023-30804 | Unspecified vulnerability in Sangfor Next-Gen Application Firewall 8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. | 6.5 |
| 2023-10-10 | CVE-2023-30805 | OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall 8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. | 9.8 |
| 2023-10-10 | CVE-2023-30806 | OS Command Injection vulnerability in Sangfor Next-Gen Application Firewall Ngaf8.0.17 The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. | 9.8 |
| 2022-02-26 | CVE-2022-22908 | Insufficiently Protected Credentials vulnerability in Sangfor VDI Client 5.4.2.1006 SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields. | 5.5 |