CVE-2016-7786

2017-04-0721:00:00

mitre

www.cve.org

AI Score

8.3

Confidence

High

EPSS

0.015

Percentile

87.1%

JSON

Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5.

References

infosecninja.blogspot.in/2017/04/cve-2016-7786-sophos-cyberoam-utm.html

www.exploit-db.com/exploits/44469/