An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated malicious users to execute arbitrary SQL statements remotely.
sophos cyberoamos