NSFOCUS SecGate3600 Firewall Missing Authentication Vulnerability in Information Disclosure

A vulnerability allowing sensitive information disclosure has been identified in the NSFOCUS SecGate3600 network firewall. This issue arises in the '/cgi-bin/authUser/authManageSet.cgi' endpoint, where the component fails to enforce proper authentication on POST requests. As a result, an unauthenticated remote attacker can exploit this vulnerability to access sensitive user data, including identifiers and configuration details, by sending crafted requests to the affected endpoint.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive user information and configuration details on the firewall.

Reproduction

To reproduce this vulnerability, send a POST request to the '/cgi-bin/authUser/authManageSet.cgi' endpoint without authentication. Include the 'type=getAllUsers' parameter in the request data. If the response contains user IDs, the vulnerability has been successfully exploited.