Vulnerability Description
SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intended URL restrictions via a TCP session.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Seil | B1 | 2.30 |
| Seil | X1 | 2.30 |
| Seil | X2 | 2.30 |
| Seil | B1 Firmware | 2.30 |
| Seil | X86 Firmware | 1.00 |
References
- http://jvn.jp/en/jp/JVN24646833/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000059
- http://www.seil.jp/support/security/a01232.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN24646833/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000059
- http://www.seil.jp/support/security/a01232.htmlVendor Advisory
FAQ
What is CVE-2012-2632?
CVE-2012-2632 is a vulnerability with a CVSS score of 2.6 (LOW). SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are ena...
How severe is CVE-2012-2632?
CVE-2012-2632 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2632?
Check the references section above for vendor advisories and patch information. Affected products include: Seil B1, Seil X1, Seil X2, Seil B1 Firmware, Seil X86 Firmware.