7 lines
No EOL
556 B
Text
7 lines
No EOL
556 B
Text
source: https://www.securityfocus.com/bid/11030/info
|
|
|
|
BadBlue is prone to a vulnerability that may let the application be abused as a proxy. This vulnerability presents itself due to the 'Pass Thru' function allowing the server to be used as a proxy. This could be exploited by malicious parties to obfuscate their identities and bypass network access controls and firewalls.
|
|
|
|
BadBlue Personal Edition versions 2.5 and prior are reportedly affected by this issue.
|
|
|
|
http://www.example.com/ext.dll?mfcisapicommand=PassThru&url=[Any IP:Any Port]/[Any Command] |