Sophos Web Protection Appliance sblistpack Arbitrary Command Execution (CVE-2013-4983)
A command injection vulnerability has been reported in Sophos Web Protection Appliance. The vulnerability is due to sblistpack component, reachable from the web interface without authentication. An unauthenticated remote attacker could execute arbitrary OS commands on the Sophos appliance...