Sophos Cyberoam sslvpn_liveuser_delete Command Injection Remote Code Execution Vulnerability

ID ZDI-14-333
Type zdi
Reporter agix
Modified 2014-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. Authentication is required to exploit this vulnerability.

The specific flaw exists within the sslvpn_liveuser_delete opcode. The issue lies in the failure to properly sanitize user-supplied input before executing commands. An attacker can leverage this vulnerability to execute code under the context of the current process.