CVE-2012-2632 - Papillar Dig

Description

SEIL routers with firmware SEIL/x86 1.00 through 2.35 SEIL/X1 2.30 through 3.75 SEIL/X2 2.30 through 3.75 and SEIL/B1 2.30 through 3.75 when the http-proxy and application-gateway features are enabled do not properly handle the CONNECT command which allows remote attackers to bypass intended URL restrictions via a TCP session.

Reference

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000059 http://www.seil.jp/support/security/a01232.html http://jvn.jp/en/jp/JVN24646833/index.html