Total
16 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-1671 | 1 Sophos | 1 Web Appliance | 2024-06-17 | N/A | 9.8 CRITICAL |
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. | |||||
CVE-2023-33336 | 1 Sophos | 1 Web Appliance | 2024-02-04 | N/A | 4.8 MEDIUM |
Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes. | |||||
CVE-2017-9523 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. | |||||
CVE-2016-9554 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account. | |||||
CVE-2017-6182 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | |||||
CVE-2016-9553 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258. | |||||
CVE-2017-6183 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | |||||
CVE-2017-6412 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. | |||||
CVE-2017-6184 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 6.5 MEDIUM | 4.7 MEDIUM |
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | |||||
CVE-2013-2643 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component. | |||||
CVE-2013-2642 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 9.3 HIGH | N/A |
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality. | |||||
CVE-2014-2850 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 8.5 HIGH | N/A |
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter. | |||||
CVE-2013-2641 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter. | |||||
CVE-2014-2849 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 8.5 HIGH | N/A |
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. | |||||
CVE-2013-4984 | 1 Sophos | 1 Web Appliance | 2024-02-04 | 7.2 HIGH | N/A |
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument. | |||||
CVE-2013-4983 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-02-04 | 10.0 HIGH | N/A |
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php. |