Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2014/04/30 12:0 a.m.2 views

Sophos Web Appliance change_password Admin Password Privilege Escalation (CVE-2014-2849)

A privilege escalation vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to errors in a changepassword request when handling user input. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a changepassword request...

8.5CVSS4.6AI score0.60931EPSS
Exploits2
CVE
CVE
added 2014/04/11 3:0 p.m.49 views

CVE-2014-2849

The CVE-2014-2849 issue affects Sophos Web Appliance (versions up to 3.8.1.x). A flaw in the Change Password dialog (change_password) allows remote authenticated users to change the admin password, potentially enabling privilege escalation. Red Hat confirms the vulnerability; ZDI and other adviso...

8.5CVSS6.4AI score0.60931EPSS
Exploits2References5Affected Software2
Kaspersky
Kaspersky
added 2014/04/11 12:0 a.m.45 views

KLA10336 Multiple vulnerabilities in Sophos Web Appliance

Multiple critical vulnerabilities have been found in Sophos Web Appliance. Malicious users can exploit these vulnerabilities to execute arbitrary commands or change admin password. Below is a complete list of vulnerabilities 1. Vectors related to the netinterface configuration page can be exploit...

8.5CVSS8AI score0.60931EPSS
Exploits3References3
Circl
Circl
added 2014/04/10 12:0 a.m.16 views

CVE-2014-2849

creationtimestamp| type| source ---|---|--- 2014-04-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32789 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/sophoswpaifaceexec.rb 2025-02-06 03:13:41+00:00| seen...

8.5CVSS5.7AI score0.60931EPSS
Exploits2References2
Rows per page
Query Builder