Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos web appliance - vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2016-9553
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP ...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
7.2
CVSSv3
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the compone...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
NA
CVE-2013-4983
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Sophos Web Appliance Firmware 3.0.1
Sophos Web Appliance Firmware 3.0.1.1
Sophos Web Appliance Firmware 3.0.2
Sophos Web Appliance Firmware 3.0.3
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.4
Sophos Web Appliance Firmware 3.2.5
Sophos Web Appliance Firmware 3.2.6
Sophos Web Appliance Firmware 3.2.7
Sophos Web Appliance Firmware 3.4.2
Sophos Web Appliance Firmware 3.4.3
Sophos Web Appliance Firmware 3.4.3.1
Sophos Web Appliance Firmware 3.4.4
Sophos Web Appliance Firmware 3.6.1
Sophos Web Appliance Firmware 3.6.1.1
Sophos Web Appliance Firmware 3.6.2
Sophos Web Appliance Firmware 3.6.2.1
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.6
Sophos Web Appliance Firmware 3.7.7
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.7.8.1
2 EDB exploits
NA
CVE-2014-2850
The network interface configuration page (netinterface) in Sophos Web Appliance prior to 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.7.1
Sophos Web Appliance Firmware 3.7.0
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.5.2
Sophos Web Appliance Firmware 3.5.1.2
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.3.5.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.1.3
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
Sophos Web Appliance Firmware 3.7.8.1
Sophos Web Appliance Firmware 3.7.8
Sophos Web Appliance Firmware 3.6.2.4.1
Sophos Web Appliance Firmware 3.6.2.4.0
1 EDB exploit
NA
CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance prior to 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
Sophos Web Appliance Firmware 3.7.5
Sophos Web Appliance Firmware 3.7.4
Sophos Web Appliance Firmware 3.7.3
Sophos Web Appliance Firmware 3.7.2
Sophos Web Appliance Firmware 3.5.6
Sophos Web Appliance Firmware 3.5.5
Sophos Web Appliance Firmware 3.5.4
Sophos Web Appliance Firmware 3.5.3
Sophos Web Appliance Firmware 3.4.1
Sophos Web Appliance Firmware 3.4.0
Sophos Web Appliance Firmware 3.3.6.1
Sophos Web Appliance Firmware 3.3.6
Sophos Web Appliance Firmware 3.2.3
Sophos Web Appliance Firmware 3.2.2.1
Sophos Web Appliance Firmware 3.2.2
Sophos Web Appliance Firmware 3.2.1
Sophos Web Appliance Firmware 3.1.4
Sophos Web Appliance Firmware 3.0.0
Sophos Web Appliance Firmware 3.8.0
Sophos Web Appliance Firmware 3.7.9.1
Sophos Web Appliance Firmware 3.7.9
Sophos Web Appliance Firmware 3.7.8.2
1 EDB exploit
NA
CVE-2013-2642
Sophos Web Appliance prior to 3.7.8.2 allows (1) remote malicious users to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execut...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
NA
CVE-2013-2641
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance prior to 3.7.8.2 allows remote malicious users to read arbitrary files via the id parameter.
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
NA
CVE-2013-2643
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance prior to 3.7.8.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to e...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
NA
CVE-2008-0838
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page.
Sophos Es1000 2.1.0.0
Sophos Es4000 2.1.0.0
1 EDB exploit
6.1
CVSSv3
CVE-2016-3968
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote malicious users to i...
Sophos Cyberoam Cr100ing Utm Firmware 10.6.3 Mr-1 Build 503
Sophos Cyberoam Cr35ing Utm Firmware 10.6.2 Mr-1 Build 383
Sophos Cyberoam Cr35ing Utm Firmware 10.6.2 Build 378
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »