# ASP.NET Vulnerability Assessment Report
Target: eshiponline.purolator.com
Date: 2025-11-29T17:48:39.236Z
ASP.NET Version: 4.0.30319

## CVE-2023-36899 - Elevation of Privilege
- **CVE**: CVE-2023-36899
- **Severity**: CRITICAL (CVSS: 9.8)
- **Description**: ASP.NET Elevation of Privilege via crafted request headers

### Test: Header Injection
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 200
- **Response Time**: 243ms

**Result**: No vulnerability indicators detected in response

### Test: Authentication Bypass
- **Method**: GET
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 200
- **Response Time**: 135ms

**Result**: No vulnerability indicators detected in response

## CVE-2021-34532 - Information Disclosure
- **CVE**: CVE-2021-34532
- **Severity**: CRITICAL (CVSS: 9.0)
- **Description**: ASP.NET Core Information Disclosure via ViewState

### Test: ViewState Manipulation
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 302
- **Response Time**: 58ms

**Result**: No vulnerability indicators detected in response

### Test: ViewState Deserialization
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 302
- **Response Time**: 65ms

**Result**: No vulnerability indicators detected in response

## CVE-2020-1147 - Remote Code Execution
- **CVE**: CVE-2020-1147
- **Severity**: CRITICAL (CVSS: 7.8)
- **Description**: .NET Framework RCE via XML/XAML parsing

### Test: XXE Injection
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 403
- **Response Time**: 10ms

**Result**: Request blocked by WAF

### Test: XAML Deserialization
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 403
- **Response Time**: 16ms

**Result**: Request blocked by WAF

## CVE-2018-8292 - Remote Code Execution
- **CVE**: CVE-2018-8292
- **Severity**: CRITICAL (CVSS: 9.3)
- **Description**: .NET Framework RCE via crafted serialized objects

### Test: Insecure Deserialization
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 302
- **Response Time**: 171ms

**Result**: No vulnerability indicators detected in response

## CVE-2017-8759 - SOAP WSDL RCE
- **CVE**: CVE-2017-8759
- **Severity**: CRITICAL (CVSS: 7.8)
- **Description**: .NET Framework RCE via SOAP WSDL Parser

### Test: WSDL Injection
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 403
- **Response Time**: 28ms

**Result**: Request blocked by WAF

## CVE-2023-33170 - Security Feature Bypass
- **CVE**: CVE-2023-33170
- **Severity**: HIGH (CVSS: 8.1)
- **Description**: ASP.NET Security Feature Bypass

### Test: Request Validation Bypass
- **Method**: POST
- **Path**: /ShipOnline/Estimates/Estimate.aspx
- **Status Code**: 403
- **Response Time**: 111ms

**Result**: Request blocked by WAF

### Test: Unicode Normalization Bypass
- **Method**: GET
- **Path**: /ShipOnline/Estimates/Estimate.aspx?param=%E3%80%88script%E3%80%89alert(1)%E3%80%88/script%E3%80%89
- **Status Code**: 200
- **Response Time**: 124ms

**Result**: No vulnerability indicators detected in response