CVE Catalog

CVE-2026-4767

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Summary

Missing authentication for a critical function in TR7 Cyber Defense Inc. WAF-ASP allows authentication abuse. The vulnerability affects versions from v1.0.324.900 before v1.4.0.117.

Risk Assessment

An attacker can exploit the missing authentication to gain unauthorized access to critical functions, potentially leading to system and data compromise.

Recommendation

Immediately update WAF-ASP to version v1.4.0.117 or later, which includes the fix.

Original NVD description (English source)

Missing authentication for critical function vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS