25 matches found
EUVD-2015-6748
Malware in sbrugna...
EUVD-2014-5388
Malware in sbrugna...
EUVD-2014-5390
Malware in sbrugna...
EUVD-2014-5389
Malware in sbrugna...
EUVD-2019-7531
Malware in sbrugna...
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...
CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml...
CyberoamOS Web Interface Detection
Binary data sophoscyberoamoswebdetect.nbin...
CyberoamOS (CROS) SQL Injection Vulnerability
CyberoamOS CROS contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely...
VulnCheck KEV: CVE-2020-29574
CyberoamOS CROS contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely...
Sql injection
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...
CVE-2019-17059
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles...
CVE-2019-17059
CVE-2019-17059 is a shell injection vulnerability in Sophos Cyberoam firewall appliances running CyberoamOS prior to 10.6.6 MR-6. The issue allows remote attackers to execute arbitrary commands through the Web Admin and SSL VPN consoles, enabling remote code execution. Affected device/OS: Sophos ...
Sophos Cyberoam Firewall CVE-2019-17059 Remote Code Execution Vulnerability
Description Sophos Cyberoam Firewall is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Sophos CyberoamOS 10.6.6 MR-5 and prior are vulnerable. Technologies Affected Sophos CyberoamOS 10.6.6...
Sql injection
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml...
CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml...
CVE-2015-6811
The CVE-2015-6811 entry describes a SQL injection in Sophos Cyberoam CR500iNG-XP firewall appliances running CyberoamOS 10.6.2 MR-1 and earlier. The vulnerability stems from inadequate filtering of the username parameter in login.xml, enabling remote attackers to execute arbitrary SQL commands. C...
CVE-2014-5501
Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file...
Sql injection
SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the addguestuser opcode...
Design/Logic Flaw
The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a 1 checkcertkey, 2 webclientportalsettings, 3 sslvpnliveuserdelete, or 4 cccflushsqlfile opcode...