Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 07/10/2014 Updated: 08/10/2014

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

The Sophos Cyberoam appliances with CyberoamOS prior to 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyberoam cyberoam os

CWE-78 http://www.zerodayinitiative.com/advisories/ZDI-14-332/http://kb.cyberoam.com/default.asp?id=3049 http://www.zerodayinitiative.com/advisories/ZDI-14-328/http://www.zerodayinitiative.com/advisories/ZDI-14-331/http://www.zerodayinitiative.com/advisories/ZDI-14-333/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-5502

Vulnerability Summary

References

Vulmon Search

About

Products

Connect