
565 matches found

NVD
added 2020/12/11 5:15 p.m. · 21 views

CVE-2020-29574

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely...

9.8 CVSS · 10 AI score · 0.04729 EPSS
Exploits: 0 · References: 3

Prion
added 2020/12/11 5:15 p.m. · 17 views

Sql injection

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely...

7.5 CVSS · 9.9 AI score · 0.04729 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

ATTACKERKB
added 2020/12/11 12:0 a.m. · 112 views

CVE-2020-29574

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. Recent assessments: ccondon-r7 at March 30, 2021 10:42pm UTC reported: Interesting, this slid under the radar a bit. I’m not seeing any...

9.8 CVSS · 10 AI score · 0.04729 EPSS
In wild · Exploits: 0 · References: 4

Positive Technologies
added 2020/12/11 12:0 a.m. · 5 views

PT-2020-17197 · Cyberoam · Cyberoamos

Name of the Vulnerable Software and Affected Versions: Cyberoam OS versions prior to 2020-12-04 Description: An SQL injection vulnerability in the WebAdmin of Cyberoam OS allows unauthenticated attackers to execute arbitrary SQL statements remotely. Recommendations: For versions prior to...

9.8 CVSS · 10 AI score · 0.04729 EPSS
Exploits: 0 · References: 19

CNNVD
added 2020/12/11 12:0 a.m. · 7 views

Sophos Cyberoam OS SQL Injection Vulnerability

Sophos Cyberoam OS is an operating system for Cyberoam devices from Sophos, USA. A SQL injection vulnerability exists in Sophos Cyberoam OS version 2020-12-04, which stems from a SQL injection vulnerability in WebAdmin that can be exploited by an attacker to remotely execute arbitrary SQL...

9.8 CVSS · 7.6 AI score · 0.04729 EPSS
Exploits: 0 · References: 3

OSV
added 2020/09/25 4:23 a.m. · 1 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11...

9.8 CVSS · 8.1 AI score · 0.96693 EPSS
Exploits: 9 · References: 6

NVD
added 2020/09/25 4:23 a.m. · 24 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11...

10 CVSS · 0.96693 EPSS
Exploits: 9 · References: 6

Prion
added 2020/09/25 4:23 a.m. · 18 views

Remote code execution

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11...

10 CVSS · 9.6 AI score · 0.96693 EPSS
Exploits: 9 · References: 5 · Affected Software: 1

ATTACKERKB
added 2020/09/25 12:0 a.m. · 50 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11. Recent assessments: wvu-r7 at August 26, 2021 2:01am UTC reported: Please see the Atredis writeup for root cause analysis. CVE-2020-25223 has high attacker value and...

10 CVSS · 9.8 AI score · 0.96693 EPSS
In wild · Exploits: 9 · References: 6

Vulnrichment
added 2020/09/25 12:0 a.m. · 16 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11...

9.8 AI score · 0.96693 EPSS
Exploits: 9 · References: 5

ATTACKERKB
added 2020/09/25 12:0 a.m. · 13 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11. Recent assessments: wvu-r7 at November 02, 2021 7:12pm UTC reported: See the other topic. Assessed Attacker Value: 0...

10 CVSS · 7.7 AI score · 0.96693 EPSS
In wild · Exploits: 9 · References: 6

Cvelist
added 2020/09/25 12:0 a.m. · 50 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11...

9.8 AI score · 0.96693 EPSS
Exploits: 9 · References: 5

Tenable Nessus
added 2020/09/21 12:0 a.m. · 718 views

CodeMeter < 7.10a Multiple Vulnerabilities

According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 7.10a. It is, therefore, affected by multiple vulnerabilities: - Multiple memory corruption vulnerabilities exist where the packet parser mechanism does not verify length fields. An...

9.8 CVSS · 7.8 AI score · 0.02031 EPSS
Exploits: 0 · References: 8

Tenable Nessus
added 2020/09/21 12:0 a.m. · 77 views

CodeMeter < 6.90 License forging Vulnerability

According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 6.90. It is affected by an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if i...

7.5 CVSS · 7.4 AI score · 0.00838 EPSS
Exploits: 0 · References: 4

Tenable Nessus
added 2020/09/21 12:0 a.m. · 73 views

CodeMeter < 7.10 Information Exfiltration Vulnerability

According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 7.10. It is affected by a vulnerability where an attacker could send a specially crafted packet that could have the server send back packets containing data from the heap. C Tenable Network...

7.5 CVSS · 7.5 AI score · 0.01842 EPSS
Exploits: 0 · References: 4

CNVD
added 2020/05/20 12:0 a.m. · 2 views

Netsweeper Injection Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in the /webadmin/tools/unixlogin.php script in Netsweeper versions 6.4.3 and earlier. An attacker could exploit the vulnerability to execute code...

9.8 CVSS · 7 AI score · 0.93913 EPSS
Exploits: 2 · References: 1

Prion
added 2020/05/19 8:15 p.m. · 18 views

Design/Logic Flaw

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters...

7.5 CVSS · 10 AI score · 0.93913 EPSS
Exploits: 2 · References: 1 · Affected Software: 1

Cvelist
added 2020/05/19 7:29 p.m. · 16 views

CVE-2020-13167

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters...

10 AI score · 0.93913 EPSS
Exploits: 2 · References: 1

CVE
added 2020/05/19 7:29 p.m. · 87 views

CVE-2020-13167

Affected software: Netsweeper WebAdmin (Web content filtering) up to version 6.4.3. Vulnerability type & root cause: unauthenticated remote code execution via webadmin/tools/unixlogin.php where, with certain Referer headers, the command line is invoked with client-supplied parameters allowing she...

9.8 CVSS · 10 AI score · 0.93913 EPSS
In wild · Exploits: 2 · References: 1 · Affected Software: 1

ATTACKERKB
added 2020/05/19 12:0 a.m. · 23 views

CVE-2020-13167

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters. Recent assessments: wvu-r7 at May 21, 2020 5:51am UTC...

9.8 CVSS · 5.3 AI score · 0.93913 EPSS
Exploits: 2 · References: 2