Hillstonenet: Security Vulnerabilities
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: fromĀ 5.5R6-2.6.7 through 5.5R6-2.8.13.
CVSS Score
9.8
EPSS Score
0.017
Published
2024-08-26
Cross Site Scripting (XSS) vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-05
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a configuration error in report.m.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-12-27