[] NeoSense
E X P L O I T S
title author type platform port cve id

IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service

Author: Erik
type: dos
platform: multiple
port: 
date_added: 2009-01-08 
date_updated: 2014-04-07 
verified: 1 
codes: CVE-2009-0120;OSVDB-52605 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/33169/info

IBM WebSphere DataPower XML Security Gateway XS40 is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input.

Remote attackers can exploit this issue to cause the device to reboot, denying service to legitimate users.

WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 is affected; other versions may also be vulnerable.

The following string is sufficient to trigger this issue:

?abc?
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.