Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 Insecure Direct Object Reference Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam...

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference...

Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 Insecure Direct Object Reference

Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam CR25iNG - 10.6.3 MR-5 CVE : CVE-2016-7786 Category :...

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference

Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam CR25iNG - 10.6.3 MR-5 CVE : CVE-2016-7786 Category :...

Sophos Cyberoam UTM CR25iNG Security Bypass Vulnerability

Sophos Cyberoam UTM CR25iNG is a network security appliance. A security bypass vulnerability exists in Sophos Cyberoam UTM CR25iNG, which can be exploited by remote attackers to submit a special request to bypass security restrictions and elevate privileges...

CVE-2016-7786

Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5...

CVE-2016-7786

Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5...

Design/Logic Flaw

Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5...

CVE-2016-7786

CVE-2016-7786 affects Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5. The vulnerability is an Insecure Direct Object Reference in Licenseinformation.jsp that allows remote authenticated users to bypass access controls. The issue stems from insufficient input handling in the Access Restriction component,...