This host is running WebTitan and is prone to multiple vulnerabilities.

Successful exploitation will allow remote attackers to trivially gain privileged access to the device, execute arbitrary commands and gain access to arbitrary files. Impact Level: System/Application

Upgrade to WebTitan version 4.04 or later, For updates refer to http://www.webtitan.com

- The categories-x.php script not properly sanitizing user-supplied input to the 'sortkey' GET parameter. - Input passed via the 'fname' and 'logfile' parameters is not properly sanitized upon submission to logs-x.php. - Input passed via the 'ldapserver' parameter is not properly sanitized upon submission to the users-x.php script. - Input passed via the 'ntpserversList' POST parameter is not properly sanitized upon submission to the time-x.php script. - Input passed via the 'reportid' parameter is not properly sanitized upon submission to the schedulereports-x.php script. - Input passed via the 'delegated_admin' POST parameter is not properly sanitized upon submission to the reporting-x.php script. - The autoconf-x.php, contentfiltering-x.php, license-x.php, msgs.php, and reports-drill.php scripts not requiring authentication.

WebTitan version 4.01 (Build 68)

Send a crafted default credential via HTTP GET request and check whether it is able to get information or not.

• http://bot24.blogspot.in/2014/06/sec-consult-sa-20140606-0-multiple.html
• http://osvdb.org/107766
• http://osvdb.org/107767
• http://osvdb.org/107768
• http://osvdb.org/107769
• http://osvdb.org/107770
• http://osvdb.org/107771
• http://osvdb.org/107772
• http://osvdb.org/107773
• http://seclists.org/fulldisclosure/2014/Jun/35
• http://www.exploit-db.com/exploits/33699

---

Updated on 2015-03-25