← Back to CVEs
CVE-2017-14705
N/ADescription
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
CVE Details
CVSS v3.1 ScoreN/A
Published9/22/2017
Last Modified4/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
denyall:i-suitedenyall:web_application_firewall
Weaknesses (CWE)
CWE-78
References
https://github.com/rapid7/metasploit-framework/pull/8980(cve@mitre.org)
https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/(cve@mitre.org)
https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/(cve@mitre.org)
https://github.com/rapid7/metasploit-framework/pull/8980(af854a3a-2127-422b-91ae-364da2661108)
https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/(af854a3a-2127-422b-91ae-364da2661108)
https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.