Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2023-26261 - WAAP Gateway/Cloud - Authentication bypass via blind XPath injection
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user.
As a basic security requirement and also to prevent this attack, we strongly recommend that the administration interface (running on port 3001/tcp) is restricted to administrators only (by source IP fire-walling or admin VLAN segregation).
The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.
A patch (cpt) is available for versions prior to 6.11 and 6.5.6-patch15.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment