Source Code Disclosure in Radware AppWall Web Application Firewall
CVE-2009-2301

Currently unrated

Key Information:

Vendor: Radware
Status: Appwall; Gateway
Vendor: CVE Published:; 2 July 2009

What is CVE-2009-2301?

The Radware AppWall Web Application Firewall version 1.0.2.6, when utilized with Gateway version 4.6.0.2, presents a security risk that allows remote attackers to access sensitive source code files. By sending direct requests to specific files within the management interface, such as funcs.inc, defines.inc, or msg.inc, an attacker may retrieve critical parts of the application's source code. This type of exposure could lead to further exploitation and compromise of the affected systems.

References

http://www.securityfocus.com/archive/1/504682/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2009
Vulnerability Reserved
Jul 2, 2009

CVE-2009-2301 Data

JSON