Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Missing authentication on a network-reachable critical function gives unauthenticated, low-complexity, no-interaction access (AV:N/AC:L/PR:N/UI:N) with full appliance compromise, so C/I/A all High.
Primary rating from Vendor (TR-CERT).
CVSS VectorVendor: TR-CERT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Authentication Abuse.
This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117.
AnalysisAI
Authentication abuse in TR7 Cyber Defense WAF-ASP (versions v1.0.324.900 through v1.4.0.116) lets remote unauthenticated attackers invoke a security-critical function that fails to enforce any authentication check, yielding full compromise of confidentiality, integrity, and availability per the CVSS 9.8 rating. Because WAF-ASP is a web application firewall, abusing this exposed function can subvert the very protection layer meant to shield downstream applications. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No special conditions - remote unauthenticated exploitation against network-reachable installations of TR7 WAF-ASP in the affected version range (v1.0.324.900 up to v1.4.0.117), consistent with the AV:N/AC:L/PR:N/UI:N vector. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals available are limited but consistent toward high priority. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker scans for Internet-exposed WAF-ASP instances and sends a crafted HTTP request directly to the unauthenticated critical function, with no credentials, tokens, or user interaction required. Leveraging the missing authentication check, they invoke administrative or policy functionality to read protected data, alter or disable WAF filtering rules, or otherwise compromise the appliance, exposing every application behind it. … |
| Remediation | Upgrade WAF-ASP to v1.4.0.117 or later, which is the first release outside the affected range and per the disclosure the fixed version (Vendor-released patch: v1.4.0.117). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify and document all TR7 WAF-ASP appliances running versions v1.0.324.900 through v1.4.0.116; review network logs for unauthorized access attempts to these systems. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Stored XSS in TR7 Cyber Defense Inc.'s WAF-ASP web application firewall permits authenticated low-privilege attackers to
DOM-Based cross-site scripting in TR7 Cyber Defense Inc.'s WAF-ASP product allows an authenticated low-privilege attacke
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41371
GHSA-6qqj-v86p-pcpj