7 matches found
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...
Sophos Cyberoam firewall appliance shell injection vulnerability
Sophos Cyberoam firewall appliance is a firewall appliance from Sophos UK.CyberoamOS is the set of operating systems that run on it. A security vulnerability exists in the Sophos Cyberoam firewall appliance running CyberoamOS versions prior to 10.6.6 MR-6. The vulnerability can be exploited by an...
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...
Sophos Cyberoam Firewall CVE-2019-17059 Remote Code Execution Vulnerability
Description Sophos Cyberoam Firewall is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Sophos CyberoamOS 10.6.6 MR-5 and prior are vulnerable. Technologies Affected Sophos CyberoamOS 10.6.6...
CVE-2016-9834
An XSS vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware through 10.6.4. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
Cyberoam CR500iNG-XP SQL Injection Vulnerability
Cyberoam NG is a next-generation firewall product based on CyberoamOS. A remote SQL blind injection vulnerability exists in Cyberoam CR500iNG-XP - 10.6.2 MR-1 and earlier versions. This vulnerability allows attackers to execute sql commands in a database...
Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Cyberoam : Blind SQL Injection Date: 31/Aug/2015 Exploit Author: Dharmendra Kumar Singh Contact: email protected Vendor Homepage: http://www.cyberoam.com Software Link: http://www.cyberoam.com/NGFW/ Version: CR500iNG-XP -...