Results 1 to 3 of 3
  1. #1
    Newbie
    Join Date
    Sep 2014
    Posts
    4

    Default Rapid7 shows Blind SQL Injection vulnerability

    We have three untangle routers in our network. One of these was flagged with a blind SQL injection vulnerability when a scan was run.

    What causes this and how do I fix?

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    You'll need to get more information from rapid7. It should provide you sufficient details to investigate.
    If it does not then I would contact them and ask for the required information.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Sep 2014
    Posts
    4

    Default

    HTTP Port 80

    Found blind SQL injection on http://*.*.*.*/setup/welcome.do?P=+A...w-/script+AD4- using method GET


    That's the only info they have on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2