How severe is CVE-2023-30803?

CVE-2023-30803 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2023-30803

Name: next-gen_application_firewall
Author: sangfor

9.8CRITICAL

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access adminis

Published: 10/10/2023Updated: 11/28/2025

Description

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for header.

AI AnalysisPowered by AI

Affected Products

sangfornext-gen_application_firewall

8.0.17

References

https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4
Product
https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/
ExploitThird Party Advisory
https://vulncheck.com/advisories/sangfor-ngaf-auth-bypass
Third Party Advisory
https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4
Product
https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/
ExploitThird Party Advisory
https://vulncheck.com/advisories/sangfor-ngaf-auth-bypass
Third Party Advisory