3 matches found
CVE-2018-16117
A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter...
CVE-2018-16117
A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter...
CVE-2018-16117
Sophos XG firewall Admin Portal (17.0.8 MR-8) contains a shell escape vulnerability in /webconsole/Controller where the POST parameter dbName can be tainted with shell metacharacters. An authenticated remote attacker can execute arbitrary OS commands on the device. The CVE is CVE-2018-16117; CV...