A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated malicious users to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos sfos |
||
sophos sfos 17.1 |