CVE-2014-2850

Public exploit
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
Max CVSS
8.5
EPSS Score
18.81%
Published
2014-04-11
Updated
2014-04-14

CVE-2014-2849

Public exploit
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
Max CVSS
8.5
EPSS Score
17.80%
Published
2014-04-11
Updated
2014-04-14

CVE-2013-4983

Public exploit
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Max CVSS
10.0
EPSS Score
91.81%
Published
2013-09-10
Updated
2013-10-09
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!