Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos web appliance vulnerabilities and exploits
(subscribe to this query)
905
VMScore
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the compone...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
905
VMScore
CVE-2016-9553
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP ...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
383
VMScore
CVE-2016-3968
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote malicious users to i...
Sophos Cyberoam Cr100ing Utm Firmware 10.6.3 Mr-1 Build 503
Sophos Cyberoam Cr35ing Utm Firmware 10.6.2 Mr-1 Build 383
Sophos Cyberoam Cr35ing Utm Firmware 10.6.2 Build 378
855
VMScore
CVE-2014-2850
The network interface configuration page (netinterface) in Sophos Web Appliance prior to 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.7.1
Sophos Web Appliance Firmware 3.7.0
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.5.2
Sophos Web Appliance Firmware 3.5.1.2
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.3.5.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.1.3
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
Sophos Web Appliance Firmware 3.7.8.1
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.6.2.4.1
Sophos Web Appliance Firmware 3.6.2.4.0
1 EDB exploit
855
VMScore
CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance prior to 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.4
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.5.6
Sophos Web Appliance Firmware 3.5.5
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.4.1
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.2.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.0.0
Sophos Web Appliance Firmware 3.8.0
Sophos Web Appliance Firmware 3.7.9.1
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
1 EDB exploit
505
VMScore
CVE-2013-2641
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance prior to 3.7.8.2 allows remote malicious users to read arbitrary files via the id parameter.
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
935
VMScore
CVE-2013-2642
Sophos Web Appliance prior to 3.7.8.2 allows (1) remote malicious users to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execut...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
435
VMScore
CVE-2013-2643
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance prior to 3.7.8.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to e...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
730
VMScore
CVE-2013-4984
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Sophos Web Appliance 3.7.8.2
Sophos Web Appliance 3.7.8
Sophos Web Appliance 3.7.3
Sophos Web Appliance 3.7.1
Sophos Web Appliance 3.6.4.2
Sophos Web Appliance 3.6.2.4.0
Sophos Web Appliance 3.6.2.1
Sophos Web Appliance 3.5.3
Sophos Web Appliance 3.5.1.2
Sophos Web Appliance 3.4.5
Sophos Web Appliance 3.4.3.1
Sophos Web Appliance 3.3.6.1
Sophos Web Appliance 3.3.5.1
Sophos Web Appliance 3.3.0
Sophos Web Appliance 3.2.6
Sophos Web Appliance 3.1.4
Sophos Web Appliance 3.1.2
Sophos Web Appliance 3.0.5
Sophos Web Appliance 3.0.3
Sophos Web Appliance 3.7.7
Sophos Web Appliance 3.7.6
Sophos Web Appliance 3.7.5
2 EDB exploits
1000
VMScore
CVE-2013-4983
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Sophos Web Appliance Firmware 3.0.1
Sophos Web Appliance Firmware 3.0.1.1
Sophos Web Appliance Firmware 3.0.2
Sophos Web Appliance Firmware 3.0.3
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.4
Sophos Web Appliance Firmware 3.2.5
Sophos Web Appliance Firmware 3.2.6
Sophos Web Appliance Firmware 3.2.7
Sophos Web Appliance Firmware 3.4.2
Sophos Web Appliance Firmware 3.4.3
Sophos Web Appliance Firmware 3.4.3.1
Sophos Web Appliance Firmware 3.4.4
Sophos Web Appliance Firmware 3.6.1
Sophos Web Appliance Firmware 3.6.1.1
Sophos Web Appliance Firmware 3.6.2
Sophos Web Appliance Firmware 3.6.2.1
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.6
Sophos Web Appliance Firmware 3.7.7
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.7.8.1
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »