Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:1 a.m.4 views

CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...

9.8CVSS7.9AI score0.99999EPSS
Exploits10References1
Saint
Saint
added 2023/11/24 12:0 a.m.194 views

Sophos Web Appliance UsrBlocked.php command injection

Added: 11/24/2023 CVE: CVE-2023-1671 Background Sophos Web Appliance is a web proxy providing HTTP security. Problem A vulnerability in UsrBlocked.php allows remote attackers to inject arbitrary commands into an HTTP request. Resolution Upgrade to Sophos Web Appliance 4.3.10.4 or higher. Referenc...

9.8CVSS9.6AI score0.99999EPSS
Exploits10
Saint
Saint
added 2023/11/24 12:0 a.m.154 views

Sophos Web Appliance UsrBlocked.php command injection

Added: 11/24/2023 CVE: CVE-2023-1671 Background Sophos Web Appliance is a web proxy providing HTTP security. Problem A vulnerability in UsrBlocked.php allows remote attackers to inject arbitrary commands into an HTTP request. Resolution Upgrade to Sophos Web Appliance 4.3.10.4 or higher. Referenc...

9.8CVSS9.6AI score0.99999EPSS
Exploits10
The Hacker News
The Hacker News
added 2023/11/17 5:57 a.m.114 views

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added three security flaws to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows - CVE-2023-36584 CVSS score: 5.4 - Microsoft Windows...

9.8CVSS10AI score0.99999EPSS
Exploits33
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.37 views

Sophos Web Appliance Pre-Authentication Command Injection (CVE-2023-1671)

Binary data sophoswebapplianceCVE-2023-1671.nbin...

9.8CVSS9.6AI score0.99999EPSS
Exploits10References2
GithubExploit
GithubExploit
added 2023/05/17 11:20 a.m.418 views

Exploit for Command Injection in Sophos Web_Appliance

Сve-2023-1671 How does cve-2023-1671https://vulners.com/c...

9.8CVSS9.8AI score0.99999EPSS
Exploits10
Packet Storm
Packet Storm
added 2023/04/26 12:0 a.m.388 views

Sophos Web Appliance 4.3.10.4 Command Injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

9.8CVSS9.4AI score0.99999EPSS
Exploits10
GithubExploit
GithubExploit
added 2023/04/25 3:19 p.m.328 views

Exploit for Command Injection in Sophos Web_Appliance

CVE-2023-1671 Vulnerability Scanner !GitHub last commit...

9.8CVSS9.9AI score0.99999EPSS
Exploits10
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.316 views

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

9.8CVSS9.8AI score0.99999EPSS
Exploits10
0day.today
0day.today
added 2023/04/25 12:0 a.m.300 views

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

9.8CVSS9.2AI score0.99999EPSS
Exploits10
GithubExploit
GithubExploit
added 2023/04/24 3:53 p.m.364 views

Exploit for Command Injection in Sophos Web_Appliance

Dork fofa title="Sophos Web Appliance" || app="Sophos-W...

9.8CVSS9.6AI score0.99999EPSS
Exploits10
Circl
Circl
added 2023/04/04 2:36 p.m.15 views

CVE-2023-1671

creationtimestamp| type| source ---|---|--- 2023-04-04 14:36:57+00:00| seen| https://t.me/cibsecurity/61374 2023-04-05 15:15:02+00:00| seen| https://t.me/truesecator/4254 2023-04-24 04:35:31+00:00| published-proof-of-concept| https://t.me/CNArsenal/525 2023-04-25 09:47:32+00:00|...

9.8CVSS7.5AI score0.99999EPSS
In wildExploits10References21
NVD
NVD
added 2023/04/04 10:15 a.m.23 views

CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...

9.8CVSS9.8AI score0.99999EPSS
Exploits10References3
Cvelist
Cvelist
added 2023/04/04 12:0 a.m.28 views

CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...

9.8CVSS9.9AI score0.99999EPSS
Exploits10References2
ATTACKERKB
ATTACKERKB
added 2023/04/04 12:0 a.m.38 views

CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS7.8AI score0.99999EPSS
In wildExploits10References4
Vulnrichment
Vulnrichment
added 2023/04/04 12:0 a.m.12 views

CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...

9.8CVSS9.8AI score0.99999EPSS
Exploits10References2
CVE
CVE
added 2023/04/04 12:0 a.m.326 views

CVE-2023-1671

CVE-2023-1671 affects Sophos Web Appliance older than 4.3.10.4, with a pre-auth command-injection in the warn-proceed handler that allows remote code execution. Public analyses and PoCs describe how user-supplied parameters flow to shell commands, enabling arbitrary code execution without authent...

9.8CVSS9.6AI score0.99999EPSS
In wildExploits10References3Affected Software1
Rows per page
Query Builder