Skip to content

Instantly share code, notes, and snippets.

@Jakick
Last active March 6, 2023 09:56
Show Gist options
  • Save Jakick/7d1635b886654ddd0e476b3c79a7ba9f to your computer and use it in GitHub Desktop.
Save Jakick/7d1635b886654ddd0e476b3c79a7ba9f to your computer and use it in GitHub Desktop.
CVE-2023-26261 - WAAP Gateway/Cloud - Authentication bypass via blind XPath injection
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user.
As a basic security requirement and also to prevent this attack, we strongly recommend that the administration interface (running on port 3001/tcp) is restricted to administrators only (by source IP fire-walling or admin VLAN segregation).
The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.
A patch (cpt) is available for versions prior to 6.11 and 6.5.6-patch15.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment