Critical Vulnerability CVE-2026-4767 in TR7 Cyber Defense WAF-ASP

Critical Vulnerability CVE-2026-4767 in TR7 Cyber Defense WAF-ASP

First seen 3 Jul 2026, 00:50 UTC Feedlycve.akaoma.comeuvd.enisa.europa.euvuldb.comcve.report 91% similarity 78.9
Share:

Article Content

Browse articles
ThreatCluster

CVE-2026-4767 is a critical vulnerability affecting TR7 Cyber Defense Inc.'s WAF-ASP versions from v1.0.324.900 to before v1.4.0.117. The flaw allows unauthenticated attackers to bypass authentication controls, enabling unauthorized access to critical functions and potential manipulation of security policies. The CVSS base score assigned is 9.8, indicating a critical risk. Currently, there is no evidence of public proof-of-concept or active exploitation. A patch is available, and users are urged to upgrade to version 1.4.0.117 or later. Network access to administrative interfaces should be restricted, and access logs should be monitored for suspicious activity. Immediate intervention is recommended to mitigate risks associated with this vulnerability.

Key Points: • CVE-2026-4767 allows unauthenticated access to critical functions in WAF-ASP. • A CVSS score of 9.8 indicates a critical risk requiring immediate action. • Users must upgrade to WAF-ASP version 1.4.0.117 or later to mitigate the vulnerability.

ThreatCluster AI

Timeline

2026-07-02
CVE-2026-4767 published
TR7 Cyber Defense Inc. disclosed a critical vulnerability in WAF-ASP affecting versions prior to 1.4.0.117.
Feedly
2026-07-03
Critical risk assessment issued
CVE-2026-4767 classified as a catastrophic security flaw demanding immediate intervention.
cve.akaoma.com

Community

Browse all →