Primary

Context

Hillstone Networks Next Generation Firewall Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability in Hillstone Networks Next Generation Firewall, specifically in versions 5.5R8P1 prior to 5.5R8P23, allows for the generation of error messages that inadvertently disclose sensitive information. This information leakage includes absolute path details, which could provide malicious actors with insights into the server's internal structure, potentially leading to further security risks.

Impact

Exploitation of this vulnerability could result in unauthorized disclosure of sensitive information, specifically absolute path details, which may be used to infer the server's internal structure and facilitate further attacks.

Remediation

Users can upgrade to Hillstone Next Generation Firewall version 5.5R8P23 to address this vulnerability.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hillstone Networks Next Generation Firewall Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating