Cyberoam » Cyberoam Os : Security Vulnerabilities, CVEs,

CVE-2014-5503

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode.
Max CVSS
10.0
EPSS Score
1.20%
Published
2014-10-07
Updated
2014-10-08

CVE-2014-5502

The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.
Max CVSS
9.0
EPSS Score
2.30%
Published
2014-10-07
Updated
2014-10-08

CVE-2014-5501

Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file.
Max CVSS
9.3
EPSS Score
19.37%
Published
2014-10-07
Updated
2014-10-08
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close