The remote Sophos Web Appliance is affected by a pre-authentication command injection vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary commands.
Binary data sophos_web_appliance_CVE-2023-1671.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
sophos | web_appliance | cpe:/a:sophos:web_appliance |