Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web appliance vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1671
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
Sophos Web Appliance
5 Github repositories
6.8
CVSSv2
CVE-2017-6412
In Sophos Web Appliance (SWA) prior to 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
Sophos Web Appliance
1 EDB exploit
NA
CVE-2020-36692
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
Sophos Web Appliance
6.5
CVSSv2
CVE-2017-6183
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
Sophos Web Appliance
6.5
CVSSv2
CVE-2017-6184
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Sophos Web Appliance
4.3
CVSSv2
CVE-2017-9523
The Sophos Web Appliance prior to 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.
Sophos Web Appliance
7.8
CVSSv2
CVE-2015-6321
Cisco AsyncOS prior to 8.5.7-042, 9.x prior to 9.1.0-032, 9.1.x prior to 9.1.1-023, and 9.5.x and 9.6.x prior to 9.6.0-042 on Email Security Appliance (ESA) devices; prior to 9.1.0-032, 9.1.1 prior to 9.1.1-005, and 9.5.x prior to 9.5.0-025 on Content Security Management Applianc...
Cisco Web Security Appliance 6.0.0-000
Cisco Web Security Appliance 7.5.0-825
Cisco Web Security Appliance 7.5.0-000
Cisco Web Security Appliance 7.7.0-000
Cisco Web Security Appliance 7.5.2-000
Cisco Web Security Appliance 7.7.1-000
Cisco Web Security Appliance 7.5.1-000
Cisco Web Security Appliance 8.0.0-000
Cisco Web Security Appliance 8.5.0.000
Cisco Web Security Appliance 5.6.0-623
Cisco Content Security Management Appliance 8.1.2-000
Cisco Content Security Management Appliance 8.2.0-238
Cisco Content Security Management Appliance 7.8.0-328
Cisco Content Security Management Appliance 7.8.1-001
Cisco Content Security Management Appliance 8.3.0-350
Cisco Content Security Management Appliance 8.3.5-061
Cisco Content Security Management Appliance 7.9.0-201
Cisco Content Security Management Appliance 7.9.2-116
Cisco Content Security Management Appliance 8.0.1-031
Cisco Content Security Management Appliance 8.3.6-014
Cisco Content Security Management Appliance 8.3.7-010
Cisco Content Security Management Appliance 8.4.0-150
4.3
CVSSv2
CVE-2018-0406
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based ma...
Cisco Web Security Appliance 11.5.0-fcs-581
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-269
5
CVSSv2
CVE-2019-1672
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerabil...
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 11.5.1-fcs-115
Cisco Web Security Appliance 10.5.2-072
9
CVSSv2
CVE-2017-6746
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. Affected Products: ...
Cisco Web Security Appliance 11.0.0
Cisco Web Security Appliance 10.5.0-358
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 10.1.1-234
Cisco Web Security Appliance 10.0 Base
Cisco Web Security Appliance 10.1.0
Cisco Web Security Appliance 11.0.0-641
Cisco Web Security Appliance 10.5.0
Cisco Web Security Appliance 10.0.0-233
Cisco Web Security Appliance 11.0.0-613
Cisco Web Security Appliance 10.1.1-230
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »