CVEs-PoC/2009/CVE-2009-3457.md

CVE-2009-3457

Description

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

POC

Reference

• http://seclists.org/fulldisclosure/2009/Sep/0369.html

Github

No PoCs found on GitHub currently.