.. / CVE-2024-2330

Exploit for NS-ASG Application Security Gateway 6.3 - Sql Injection (CVE-2024-2330)

Description:

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/index.php. The manipulation of the argument IPAddr leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Nuclei Template

View the template here CVE-2024-2330.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-2330.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-2330
https://github.com/jikedaodao/cve/blob/main/NS-ASG-sql-addmacbind.md
https://vuldb.com/?id.256281
https://vuldb.com/?ctiid.256281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-2330