Vulnerabilites related to sophos - web_appliance
CVE-2017-6412 (GCVE-0-2017-6412)
Vulnerability from cvelistv5
Published
2017-03-30 17:00
Modified
2024-08-05 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
References
| ▼ | URL | Tags |
|---|---|---|
| http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97261 | vdb-entry, x_refsource_BID | |
| https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf | x_refsource_MISC | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-14T04:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource": "CONFIRM",
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6412",
"datePublished": "2017-03-30T17:00:00",
"dateReserved": "2017-03-01T00:00:00",
"dateUpdated": "2024-08-05T15:25:49.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4934 (GCVE-0-2022-4934)
Vulnerability from cvelistv5
Published
2023-04-04 00:00
Modified
2025-02-11 14:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sophos | Sophos Web Appliance |
Version: unspecified < 4.3.10.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:27:05.799435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T14:27:10.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-04T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-4934",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-02-11T14:27:10.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9523 (GCVE-0-2017-9523)
Vulnerability from cvelistv5
Published
2017-06-09 00:00
Modified
2024-08-05 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.
References
| ▼ | URL | Tags |
|---|---|---|
| http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99016 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:11:01.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html"
},
{
"name": "99016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-14T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html"
},
{
"name": "99016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html",
"refsource": "CONFIRM",
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html"
},
{
"name": "99016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9523",
"datePublished": "2017-06-09T00:00:00",
"dateReserved": "2017-06-08T00:00:00",
"dateUpdated": "2024-08-05T17:11:01.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2850 (GCVE-0-2014-2850)
Vulnerability from cvelistv5
Published
2014-04-11 15:00
Modified
2024-09-16 23:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/66734 | vdb-entry, x_refsource_BID | |
| http://www.sophos.com/en-us/support/knowledgebase/120230.aspx | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-14-069/ | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/32789 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/57706 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66734",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-11T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66734",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66734"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2850",
"datePublished": "2014-04-11T15:00:00Z",
"dateReserved": "2014-04-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:21:40.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9553 (GCVE-0-2016-9553)
Vulnerability from cvelistv5
Published
2017-01-28 12:38
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258.
References
| ▼ | URL | Tags |
|---|---|---|
| http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95853 | vdb-entry, x_refsource_BID | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1 | x_refsource_CONFIRM | |
| http://pastebin.com/DUYuN0U5 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html"
},
{
"name": "95853",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pastebin.com/DUYuN0U5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn\u0027t properly escape the information passed in the variables \u0027unblockip\u0027 and \u0027blockip\u0027 before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name \u0027escapedips\u0027 - however this was not the case. The Sophos ID is NSWA-1258."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-23T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html"
},
{
"name": "95853",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pastebin.com/DUYuN0U5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn\u0027t properly escape the information passed in the variables \u0027unblockip\u0027 and \u0027blockip\u0027 before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name \u0027escapedips\u0027 - however this was not the case. The Sophos ID is NSWA-1258."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html",
"refsource": "CONFIRM",
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html"
},
{
"name": "95853",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95853"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
},
{
"name": "http://pastebin.com/DUYuN0U5",
"refsource": "MISC",
"url": "http://pastebin.com/DUYuN0U5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9553",
"datePublished": "2017-01-28T12:38:00",
"dateReserved": "2016-11-22T00:00:00",
"dateUpdated": "2024-08-06T02:50:38.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2643 (GCVE-0-2013-2643)
Vulnerability from cvelistv5
Published
2014-03-18 14:00
Modified
2024-08-06 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-18T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2643",
"datePublished": "2014-03-18T14:00:00",
"dateReserved": "2013-03-22T00:00:00",
"dateUpdated": "2024-08-06T15:44:32.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6183 (GCVE-0-2017-6183)
Vulnerability from cvelistv5
Published
2017-03-30 17:00
Modified
2024-08-05 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
References
| ▼ | URL | Tags |
|---|---|---|
| http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97261 | vdb-entry, x_refsource_BID | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:47.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource": "CONFIRM",
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6183",
"datePublished": "2017-03-30T17:00:00",
"dateReserved": "2017-02-21T00:00:00",
"dateUpdated": "2024-08-05T15:25:47.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4983 (GCVE-0-2013-4983)
Vulnerability from cvelistv5
Published
2013-09-10 10:00
Modified
2024-09-17 03:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.sophos.com/en-us/support/knowledgebase/119773.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-10T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4983",
"datePublished": "2013-09-10T10:00:00Z",
"dateReserved": "2013-07-29T00:00:00Z",
"dateUpdated": "2024-09-17T03:02:50.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2641 (GCVE-0-2013-2641)
Vulnerability from cvelistv5
Published
2014-03-18 14:00
Modified
2024-08-06 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-18T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2641",
"datePublished": "2014-03-18T14:00:00",
"dateReserved": "2013-03-22T00:00:00",
"dateUpdated": "2024-08-06T15:44:32.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1671 (GCVE-0-2023-1671)
Vulnerability from cvelistv5
Published
2023-04-04 00:00
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sophos | Sophos Web Appliance |
Version: unspecified < 4.3.10.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:57:24.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1671",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T21:14:11.071255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-11-16",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-1671"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:28.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2023-11-16T00:00:00+00:00",
"value": "CVE-2023-1671 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-26T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2023-1671",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:28.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9554 (GCVE-0-2016-9554)
Vulnerability from cvelistv5
Published
2017-01-28 12:38
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95858 | vdb-entry, x_refsource_BID | |
| http://pastebin.com/UB8Ye6ZU | x_refsource_MISC | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95858",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95858"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pastebin.com/UB8Ye6ZU"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn\u0027t properly escape the information passed in the \u0027url\u0027 variable before calling the executeCommand class function ($this-\u003edtObj-\u003eexecuteCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the \u0027section\u0027 parameter) is: \u0027configuration\u0027. Exploitation of this vulnerability yields shell access to the remote machine under the \u0027spiderman\u0027 user account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-23T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95858",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95858"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pastebin.com/UB8Ye6ZU"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn\u0027t properly escape the information passed in the \u0027url\u0027 variable before calling the executeCommand class function ($this-\u003edtObj-\u003eexecuteCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the \u0027section\u0027 parameter) is: \u0027configuration\u0027. Exploitation of this vulnerability yields shell access to the remote machine under the \u0027spiderman\u0027 user account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95858"
},
{
"name": "http://pastebin.com/UB8Ye6ZU",
"refsource": "MISC",
"url": "http://pastebin.com/UB8Ye6ZU"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9554",
"datePublished": "2017-01-28T12:38:00",
"dateReserved": "2016-11-22T00:00:00",
"dateUpdated": "2024-08-06T02:50:38.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2642 (GCVE-0-2013-2642)
Vulnerability from cvelistv5
Published
2014-03-18 14:00
Modified
2024-08-06 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-18T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2642",
"datePublished": "2014-03-18T14:00:00",
"dateReserved": "2013-03-22T00:00:00",
"dateUpdated": "2024-08-06T15:44:32.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6184 (GCVE-0-2017-6184)
Vulnerability from cvelistv5
Published
2017-03-30 17:00
Modified
2024-08-05 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
References
| ▼ | URL | Tags |
|---|---|---|
| http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97261 | vdb-entry, x_refsource_BID | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-03T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource": "CONFIRM",
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6184",
"datePublished": "2017-03-30T17:00:00",
"dateReserved": "2017-02-21T00:00:00",
"dateUpdated": "2024-08-05T15:25:48.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4984 (GCVE-0-2013-4984)
Vulnerability from cvelistv5
Published
2013-09-10 10:00
Modified
2024-09-16 19:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.sophos.com/en-us/support/knowledgebase/119773.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-10T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4984",
"datePublished": "2013-09-10T10:00:00Z",
"dateReserved": "2013-07-29T00:00:00Z",
"dateUpdated": "2024-09-16T19:04:18.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33336 (GCVE-0-2023-33336)
Vulnerability from cvelistv5
Published
2023-06-30 00:00
Modified
2024-11-27 16:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33336",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:11:09.213255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:11:21.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-33336",
"datePublished": "2023-06-30T00:00:00",
"dateReserved": "2023-05-22T00:00:00",
"dateUpdated": "2024-11-27T16:11:21.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6182 (GCVE-0-2017-6182)
Vulnerability from cvelistv5
Published
2017-03-30 17:00
Modified
2024-08-05 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
References
| ▼ | URL | Tags |
|---|---|---|
| http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97261 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/42332/ | exploit, x_refsource_EXPLOIT-DB | |
| https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:47.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "42332",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42332/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "42332",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42332/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource": "CONFIRM",
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name": "97261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name": "42332",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42332/"
},
{
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6182",
"datePublished": "2017-03-30T17:00:00",
"dateReserved": "2017-02-21T00:00:00",
"dateUpdated": "2024-08-05T15:25:47.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2849 (GCVE-0-2014-2849)
Vulnerability from cvelistv5
Published
2014-04-11 15:00
Modified
2024-09-16 17:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/66734 | vdb-entry, x_refsource_BID | |
| http://www.sophos.com/en-us/support/knowledgebase/120230.aspx | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-14-069/ | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/32789 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/57706 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66734",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-11T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66734",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66734"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"name": "32789",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"name": "57706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2849",
"datePublished": "2014-04-11T15:00:00Z",
"dateReserved": "2014-04-11T00:00:00Z",
"dateUpdated": "2024-09-16T17:34:14.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36692 (GCVE-0-2020-36692)
Vulnerability from cvelistv5
Published
2023-04-04 00:00
Modified
2025-02-11 14:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sophos | Sophos Web Appliance |
Version: unspecified < 4.3.10.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:05.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T14:27:31.252299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T14:27:36.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sophos Web Appliance",
"vendor": "Sophos",
"versions": [
{
"lessThan": "4.3.10.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-04T00:00:00.000Z",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2020-36692",
"datePublished": "2023-04-04T00:00:00.000Z",
"dateReserved": "2023-03-28T00:00:00.000Z",
"dateUpdated": "2025-02-11T14:27:36.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-04-04 10:15
Modified
2025-03-13 16:16
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@sophos.com | http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| security-alert@sophos.com | https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"cisaActionDue": "2023-12-07",
"cisaExploitAdd": "2023-11-16",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Sophos Web Appliance Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55F9D349-CF04-4983-818B-C98E4A515E47",
"versionEndExcluding": "4.3.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code."
}
],
"id": "CVE-2023-1671",
"lastModified": "2025-03-13T16:16:53.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-alert@sophos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-04T10:15:07.197",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
},
{
"source": "security-alert@sophos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 17:59
Modified
2025-04-20 01:37
Severity ?
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5CEDA7-BC64-4628-9361-E93033BAEF8A",
"versionEndIncluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314."
},
{
"lang": "es",
"value": "En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, una secci\u00f3n de las utilidades de configuraci\u00f3n de la m\u00e1quina para agregar (y detectar) servidores Active Directory era vulnerable a inyecci\u00f3n de comandos remotos, vulnerabilidad tambi\u00e9n conocida como NSWA-1314."
}
],
"id": "CVE-2017-6183",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T17:59:00.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-09 00:29
Modified
2025-04-20 01:37
Severity ?
Summary
The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBBCA32-5226-416E-9CA2-A885C93E2BD2",
"versionEndIncluding": "4.3.1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342."
},
{
"lang": "es",
"value": "El producto Sophos Web Appliance versiones anteriores a 4.3.2, presenta un problema de tipo XSS en la p\u00e1gina de redireccionamiento FTP, tambi\u00e9n se conoce como NSWA-1342."
}
],
"id": "CVE-2017-9523",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-09T00:29:00.173",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/99016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/99016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-18 17:02
Modified
2025-04-12 10:46
Severity ?
Summary
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance_firmware | * | |
| sophos | web_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A72A59D-1018-43D3-B7E8-53F0AA013C18",
"versionEndIncluding": "3.7.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execute arbitrary commands via shell metacharacters in the (2) url parameter to the Diagnostic Tools functionality or (3) entries parameter to the Local Site List functionality."
},
{
"lang": "es",
"value": "Sophos Web Appliance anterior a 3.7.8.2 permite a (1) atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el par\u00e1metro client-ip hacia la p\u00e1gina Block, cuando utiliza la variable user_workstation en una plantilla personalizada y usuarios remotos autenticados para ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el (2) par\u00e1metro url hacia la funcionalidad Diagnostic Tools o (3) par\u00e1metro entries hacia la funcionalidad Local Site List."
}
],
"id": "CVE-2013-2642",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-18T17:02:51.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-11 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance_firmware:3.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F13FE47-7269-42AF-9601-C04DB5BEF398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8580C268-2287-46DA-8E67-C6072A04535B",
"versionEndIncluding": "3.8.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A7150-8264-416C-87DB-E9CDD318A82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57A40D50-1324-459A-81F2-1C57FFCB0206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7EB10A-A245-4688-9619-10A98BA5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A64FCF4B-4BAF-409C-9500-BA729C11C098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "245AA033-6388-4EB1-84FC-12FD3683F5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9AEBAC-E764-4A12-99E5-C643C4BEC88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "19FBAC31-D306-4C13-81B0-7EE733EBE258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA62F916-6282-40C2-BBF0-0EDAFEE085BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D84BF84-3204-4717-B6E7-3786A52ECB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8BE4DA-F1AE-41BF-B062-9D50ACC0B9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFA7CD3-3F79-408E-B68F-9EFF382B29E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "589BBFA8-3A56-4057-BE9E-EC63AA837CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C524417-B3CD-46B9-8A59-C489170E264E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5111B15-366D-4B8E-946C-5E294907B399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1F32D9-BAA5-420D-AE0D-4E64320DB004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E93E2D4E-15A7-41BB-9F9E-162CEB797B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1090659-0F39-4E89-AA83-699549471839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBBFF84-0C64-4B50-AAA4-02A5B41F1C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAD5CD0-9B52-4FF2-B1E2-BA2223073893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9132766-CAD5-4BE4-8E11-80251C28A974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "402C91F9-5FAF-4A1E-8350-799F825B2E95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E69BED8D-1A92-4384-8BB4-5822FC69E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2574CFB6-D3F2-41F0-88A4-152BD2F42427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72589AEB-DE8A-4385-BBA9-D6B8A74AFC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "934B4C03-1B9A-4B83-A396-1A44BCA8C1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CC0060-A20C-4769-BA3F-43EDC8DAC750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DED9963-61AE-44C6-AC73-0F1AD82E34CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078EE8-828A-4852-835A-CEC103A23A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1F9D52-CFEA-41B1-8477-1FF06FFB3EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEAE73E-5B43-48E9-A048-143F58FBC784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2F23A049-F7D3-4CC0-B75D-A65D2151E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8E4724-F49B-4C1B-9879-7DFC23E12F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77EEB883-CF36-4274-B5C6-C83CB6C237A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3063D8C-6CBE-4929-BBB8-5D6AB935DF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4BB573-434C-48C6-9C25-FD804FB4AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "54365D65-F2D6-423E-B3D3-B69C432A0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57AFF87D-4DC8-42C1-9DAF-99A85D753D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "240B178F-4BE5-4778-AFEB-9BA53B866E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E03D20-3D0F-4BAC-8A30-3464F3C811E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C112DE-1BC2-434F-B68D-EFE043A79FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "49558797-D233-499D-85D8-AF8DEF667448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF0A14-F791-4E03-B70A-C622824D49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BDFF3F-3FD2-4E20-9D1F-19186CD83611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC1965-4E62-4DBF-AF18-ABFA7A3F54B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8573D8-DD6E-49C6-9AE8-A92880367435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B9976F-5CC8-4FAF-AAAA-CE5E3B99AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C92D31A8-8DCE-4FE2-8816-FB6D43575DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "572BC9FF-8BC2-4839-88B1-E675A39AFF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED348A0-8645-48FD-8851-B803C4220BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7FC1C8-97BE-41DC-A81D-F8950D6716BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "171D7FA2-8DBB-436A-B963-D6A02707C0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83C13E74-8583-446C-9EC9-0E97CE383619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "507DBEDA-F5BA-4FA4-BE81-29A648058B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4B04F3-0306-4CDB-BE6B-648F37CB9722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE5DBC9-FD14-4BB8-9BE5-859216819D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE153D0-69DC-4724-9119-B8EF06A24404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51E7297E-81EF-49BE-85F0-79CCF1B4BB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F97C2079-150D-4CE0-909B-5B106F66E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "049E873D-0E1B-4AA1-AFF7-5738A3DD145C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE97EF8-DC5C-460C-AA8B-6C7E86F2143B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3242A2-FB0F-45DE-B362-3EC65FD360E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E53E03-EC8A-4B83-A91B-44B2C96B5CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5347976-394B-42F9-A0B9-D63DCAC8719B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5456C566-9473-4665-8CDD-D795CA6369A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC57EEC-5D83-4640-B625-BDB9BF8148C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14EEEB2D-2973-4C72-8445-6B51CB6D05A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74D9F811-E875-4DE9-9F35-C3540FCCBFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D587EB-200C-4979-B2C7-578F0BC5FD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "230DD33A-0D47-4B64-BDA9-5A28814E113F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "827687F6-E29A-4D87-8C44-8EC91FF2F1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDB0A27-9E8A-4169-A874-3ACDDE105CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "178F7104-4BDC-43A1-ADCB-4B5E1879A67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1551E945-5C3E-429A-A057-2734E9CAA23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "047521B0-40AF-409A-814B-51573AC62A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB8C9E0-6E62-48FA-9E55-489FE073E996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B249C69-5FCA-4B1A-8D58-B32B2F45FB7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request."
},
{
"lang": "es",
"value": "El cuadro de dialogo de cambio de contrase\u00f1a (change_password) en Sophos Web Appliance anterior a 3.8.2 permite a usuarios remotos autenticados cambiar la contrase\u00f1a del usuario de administraci\u00f3n a trav\u00e9s de una solicitud manipulada."
}
],
"id": "CVE-2014-2849",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-11T15:55:27.660",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57706"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/66734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-04 10:15
Modified
2025-02-11 15:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55F9D349-CF04-4983-818B-C98E4A515E47",
"versionEndExcluding": "4.3.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA."
}
],
"id": "CVE-2020-36692",
"lastModified": "2025-02-11T15:15:14.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-alert@sophos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-04T10:15:07.057",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-04 10:15
Modified
2025-02-11 15:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55F9D349-CF04-4983-818B-C98E4A515E47",
"versionEndExcluding": "4.3.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code."
}
],
"id": "CVE-2022-4934",
"lastModified": "2025-02-11T15:15:15.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security-alert@sophos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-04T10:15:07.140",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-18 17:02
Modified
2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance_firmware | * | |
| sophos | web_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A72A59D-1018-43D3-B7E8-53F0AA013C18",
"versionEndIncluding": "3.7.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en patience.cgi en Sophos Web Appliance anterior a 3.7.8.2 permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s del par\u00e1metro id."
}
],
"id": "CVE-2013-2641",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-18T17:02:51.840",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 17:59
Modified
2025-04-20 01:37
Severity ?
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5CEDA7-BC64-4628-9361-E93033BAEF8A",
"versionEndIncluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310."
},
{
"lang": "es",
"value": "En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, podr\u00eda ocurrir la fijaci\u00f3n de sesi\u00f3n, vulnerabilidad tambi\u00e9n conocida como NSWA-1310."
}
],
"id": "CVE-2017-6412",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T17:59:00.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "cve@mitre.org",
"url": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-10 11:28
Modified
2025-04-11 00:51
Severity ?
Summary
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities | Exploit, Technical Description, Vendor Advisory | |
| cve@mitre.org | http://www.sophos.com/en-us/support/knowledgebase/119773.aspx | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities | Exploit, Technical Description, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.sophos.com/en-us/support/knowledgebase/119773.aspx | Broken Link |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CB925A-27AD-4E9C-ABCE-9052460B8670",
"versionEndIncluding": "3.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E72AFE09-C005-4C58-89E4-95EC329E1456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD8C41B-38D1-4443-BB4A-0BDBF1419B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F11B1311-687B-4CFD-A1DF-74F42C11CB03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38EF1D57-81D6-4E1A-8597-2D505EEB113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "936C0962-08DB-4C2F-8656-4948E2E9DAF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "84AE2D52-1C27-46BE-87CC-C32E74CBCE12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D1160E50-C123-4091-9215-8793999FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18F26B00-B087-445F-9453-AA6F4EEBD9C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67548C4C-C928-4E8A-BD7A-FDAFBBBA20E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEA7FD-8CBB-4979-891A-78E2AEB32149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16FD5529-F951-465D-9B5C-3AA7EA038F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4993820-1ED0-41A3-9A88-AB3AB0CB46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B92DA3-55E3-4A60-AFA9-1CB9A3696892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA52349-778B-47EF-BEE7-831EA810C5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "941BB190-EFA2-4476-BC6D-173272E92BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B7E5D5-92D2-4F0B-91A0-CD9B20A4A1A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1884CAE7-F593-40A1-8ABA-F41A341231DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38A6DDDE-470F-4F8D-AF46-333E1A5C52E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C425B54A-406A-4D0C-88E1-AEFA1772DD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE9E620-5FFA-4756-BE2E-EBA71D2483D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4DC81C-657A-4F2C-979D-7BFCAF8DC9DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "41D0F267-E6CA-4064-912E-F5284DEA5B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6728269D-1529-4048-9980-5B58FD3F47D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5282B986-2470-4B37-8051-0F0BB38F757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3E14CA5-9CAB-4859-8ED9-2654BB755A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD9DC4D-1A56-478D-A82E-1136A053338D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52F88C47-E8B0-4A43-9729-BA9B8D02D20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A46534C-2EF3-4167-9577-B4F439D28270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC925B44-DEB3-4509-8872-92302BAE87D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D00352-D5D7-4762-8941-33283A0BF54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA8948-2D0E-4DF7-B144-6D22E6C4733E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12EE64AD-287A-4E7C-9E4D-125328EA17A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01801C1-0851-4871-B46C-59E29930C46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "936E37EF-D6F3-4E10-B55E-D098F564CA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "324DDE13-04D8-4FEB-A30E-7B97C88E65F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F778DA33-8C98-4E05-9462-A311677F28F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09C6014D-06AD-4B24-AD1C-B4DF85F7116C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "91C780C2-77B2-4B22-8E70-33BC5A265D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C322B75-E0FF-43F6-B98A-4932C3963DBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA0FCD5-BE10-4C06-99C9-383DD8320A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6A2741E9-9BEA-453F-A3C4-73185E8CE8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C414A114-7A2A-46EC-AA2D-313E5807F4C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCF1E94-D363-4D76-ABA7-14961FD7C284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5DDB6C-87B0-46DD-BB6F-FE2CF182C15F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BFB4121-D4DE-4408-98A3-75F0130B77D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "028DC0E3-D477-441A-8BBF-0D845EC121B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6781185-BE24-43ED-9D30-D20E8BCC3065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C75BA518-EDA7-472E-8076-4839E8F87E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C09E0682-3627-4895-B9A2-058548C3E0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CD24FB-761D-4DC9-B56F-AD0F41475FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "35D35162-2FEF-45CB-99AF-B0606BEA72EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27E74E-7698-4277-BFE8-E065914A5034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5073E62-8F6B-49BD-9E8E-C4B47DD02A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E80BE71D-8AA6-4304-A87B-1905D8468556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E0BD9F-0745-4F26-B198-28C83946BA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A40A529-E944-4FDB-A88C-9AEFBA067010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5CF2F8-D3FB-4B2C-A031-B6B56A89A044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC137078-0619-4167-8037-64CE1A2F4286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D76F093E-1666-4DB3-8933-BE75CDB4E1A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FEB8B8-6EB3-4814-B213-983B3B8F577E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3BCA7A-BF09-46FA-8922-6BAA5F1F76AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6951182E-D6AD-416B-9C57-11C08045978B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DC68B7-4939-439F-9DFC-B47EF0993156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88EBB0D5-F4DA-407E-B1BA-4DE53DA2043D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDF11D9-ADEF-4C4C-B09F-425C28FC5363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "81A8F610-7B4F-4802-8BEB-BEE5AC45D4CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC38B5D-4FF5-4428-87D5-F7DA82EFFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AF9BE6-C8E1-44C5-8176-FB64DFCEB3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2DBC7DE7-B772-45DE-934C-A131114544BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "91162663-4E48-4BF7-B6BF-1DBB67878D95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA35A488-2057-42B1-9570-6D122C1BBC1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23444EF3-308E-42A0-9578-EB2E0D2E5D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "773225D2-B6F6-4983-8BBE-169E6D5984C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E599CAD-00A6-46A3-8CF9-30562D42651B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:web_appliance:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB74E3E-1378-4FD0-B4B4-DA56EB0C12EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument."
},
{
"lang": "es",
"value": "La funci\u00f3n close_connections en /opt/cma/bin/clear_keys.pl en Sophos Web Appliance anterior a v3.7.9.1 y v3.8 anterior a v3.8.1.1 permite a usuarios locales conseguir privilegios a trav\u00e9s de metacaracteres de consola en el segundo argumento."
}
],
"id": "CVE-2013-4984",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-10T11:28:41.073",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Vendor Advisory"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Vendor Advisory"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
},
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-28 12:59
Modified
2025-04-20 01:37
Severity ?
Summary
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | 4.2.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:4.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F4F4AA-F2D3-4054-A293-E12C03C3B679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn\u0027t properly escape the information passed in the variables \u0027unblockip\u0027 and \u0027blockip\u0027 before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name \u0027escapedips\u0027 - however this was not the case. The Sophos ID is NSWA-1258."
},
{
"lang": "es",
"value": "La Sophos Web Appliance (versi\u00f3n 4.2.1.3) es vulnerable a dos vulnerabilidades de inyecci\u00f3n de comandos remotos que afectan a su interfaz web administrativa. Estas vulnerabilidades ocurren en el componente MgrReport.php (/controllers/MgrReport.php) responsable de bloquear y desbloquear direcciones de IP de acceder al dispositivo. El dispositivo no escapa adecuadamente la informaci\u00f3n pasada en las variables \u0027unblockip\u0027 y \u0027blockip\u0027 antes de llamar a la funci\u00f3n shell_exec() lo que permite que se inyecten comandos del sistema en el dispositivo. El c\u00f3digo sugiere err\u00f3neamente que la informaci\u00f3n manejada est\u00e1 protegida utilizando el nombre de variable \u0027escapedips\u0027 - sin embargo \u00e9ste no es el caso. El ID Sophos es NSWA-1258."
}
],
"id": "CVE-2016-9553",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-28T12:59:00.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/DUYuN0U5"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95853"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/DUYuN0U5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-28 12:59
Modified
2025-04-20 01:37
Severity ?
Summary
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | 4.2.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:4.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F4F4AA-F2D3-4054-A293-E12C03C3B679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn\u0027t properly escape the information passed in the \u0027url\u0027 variable before calling the executeCommand class function ($this-\u003edtObj-\u003eexecuteCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the \u0027section\u0027 parameter) is: \u0027configuration\u0027. Exploitation of this vulnerability yields shell access to the remote machine under the \u0027spiderman\u0027 user account."
},
{
"lang": "es",
"value": "La Sophos Web Appliance Remote / Secure Web Gateway server (versi\u00f3n 4.2.1.3) es vulnerable a una vulnerabilidad de inyecci\u00f3n de comandos remotos en su interfaz web administrativa. Estas vulnerabilidades ocurren en MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), en el componente responsable de realizar test diagn\u00f3sticos con la utilidad wget de UNIX. La aplicaci\u00f3n no escapa adecuadamente la informaci\u00f3n pasada en la variable \u0027url\u0027 antes de llamar a la funci\u00f3n de la clase executeCommand ($this-\u003edtObj-\u003eexecuteCommand). Esta funci\u00f3n llama a exec() con entrada de usuario no desinfectada permitiendo inyecci\u00f3n remota de comandos. A la p\u00e1gina que contiene las vulnerabilidades, /controllers/MgrDiagnosticTools.php, se accede mediante un comando incorporado que responde a la interfaz administrativa. El comando que llama a la p\u00e1gina vulnerable (pasado en el par\u00e1metro \u0027section\u0027) es: \u0027configuration\u0027. La explotaci\u00f3n de esta vulnerabilidad da acceso shell a la m\u00e1quina remota bajo la cuenta de usuario \u0027spiderman\u0027."
}
],
"id": "CVE-2016-9554",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-28T12:59:00.180",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/UB8Ye6ZU"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95858"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/UB8Ye6ZU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-version-4-3-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 17:59
Modified
2025-04-20 01:37
Severity ?
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5CEDA7-BC64-4628-9361-E93033BAEF8A",
"versionEndIncluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304."
},
{
"lang": "es",
"value": "En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, una secci\u00f3n de la interfaz de la m\u00e1quina responsable de generar informes era vulnerable a la inyecci\u00f3n de comandos remotos a trav\u00e9s de funciones, vulnerabilidad tambi\u00e9n conocida como NSWA-1304."
}
],
"id": "CVE-2017-6182",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T17:59:00.213",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/42332/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/42332/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-18 17:02
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance_firmware | * | |
| sophos | web_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A72A59D-1018-43D3-B7E8-53F0AA013C18",
"versionEndIncluding": "3.7.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftp_redirect.php, or (4) threat parameter to the Blocked component."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en Sophos Web Appliance anterior a 3.7.8.2 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s del (1) par\u00e1metro xss en una acci\u00f3n permitida hacia rss.php, (2) par\u00e1metro msg hacia end-user/errdoc.php, (3) par\u00e1metro h hacia end-user/ftp_redirect.php o (4) par\u00e1metro threat hacia el componente Blocked."
}
],
"id": "CVE-2013-2643",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-18T17:02:51.887",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/118969.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-30 02:15
Modified
2024-11-21 08:05
Severity ?
Summary
Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | 4.3.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:4.3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA866A96-2576-44D6-9B30-23A4B5AEA417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes."
}
],
"id": "CVE-2023-33336",
"lastModified": "2024-11-21T08:05:26.987",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-30T02:15:09.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 17:59
Modified
2025-04-20 01:37
Severity ?
Summary
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | web_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5CEDA7-BC64-4628-9361-E93033BAEF8A",
"versionEndIncluding": "4.3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303."
},
{
"lang": "es",
"value": "En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, una secci\u00f3n de la interfaz de la m\u00e1quina responsable de generar informes era vulnerable a la inyecci\u00f3n de comando remoto a trav\u00e9s del par\u00e1metro token, vulnerabilidad tambi\u00e9n conocida como NSWA-1303."
}
],
"id": "CVE-2017-6184",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T17:59:00.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-11 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance_firmware:3.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F13FE47-7269-42AF-9601-C04DB5BEF398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8580C268-2287-46DA-8E67-C6072A04535B",
"versionEndIncluding": "3.8.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A7150-8264-416C-87DB-E9CDD318A82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57A40D50-1324-459A-81F2-1C57FFCB0206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7EB10A-A245-4688-9619-10A98BA5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A64FCF4B-4BAF-409C-9500-BA729C11C098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "245AA033-6388-4EB1-84FC-12FD3683F5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9AEBAC-E764-4A12-99E5-C643C4BEC88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "19FBAC31-D306-4C13-81B0-7EE733EBE258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA62F916-6282-40C2-BBF0-0EDAFEE085BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D84BF84-3204-4717-B6E7-3786A52ECB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8BE4DA-F1AE-41BF-B062-9D50ACC0B9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFA7CD3-3F79-408E-B68F-9EFF382B29E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "589BBFA8-3A56-4057-BE9E-EC63AA837CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C524417-B3CD-46B9-8A59-C489170E264E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5111B15-366D-4B8E-946C-5E294907B399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1F32D9-BAA5-420D-AE0D-4E64320DB004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E93E2D4E-15A7-41BB-9F9E-162CEB797B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1090659-0F39-4E89-AA83-699549471839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBBFF84-0C64-4B50-AAA4-02A5B41F1C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAD5CD0-9B52-4FF2-B1E2-BA2223073893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9132766-CAD5-4BE4-8E11-80251C28A974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "402C91F9-5FAF-4A1E-8350-799F825B2E95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E69BED8D-1A92-4384-8BB4-5822FC69E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2574CFB6-D3F2-41F0-88A4-152BD2F42427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72589AEB-DE8A-4385-BBA9-D6B8A74AFC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "934B4C03-1B9A-4B83-A396-1A44BCA8C1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CC0060-A20C-4769-BA3F-43EDC8DAC750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DED9963-61AE-44C6-AC73-0F1AD82E34CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078EE8-828A-4852-835A-CEC103A23A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1F9D52-CFEA-41B1-8477-1FF06FFB3EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEAE73E-5B43-48E9-A048-143F58FBC784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2F23A049-F7D3-4CC0-B75D-A65D2151E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8E4724-F49B-4C1B-9879-7DFC23E12F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77EEB883-CF36-4274-B5C6-C83CB6C237A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3063D8C-6CBE-4929-BBB8-5D6AB935DF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4BB573-434C-48C6-9C25-FD804FB4AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "54365D65-F2D6-423E-B3D3-B69C432A0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57AFF87D-4DC8-42C1-9DAF-99A85D753D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "240B178F-4BE5-4778-AFEB-9BA53B866E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E03D20-3D0F-4BAC-8A30-3464F3C811E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C112DE-1BC2-434F-B68D-EFE043A79FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "49558797-D233-499D-85D8-AF8DEF667448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF0A14-F791-4E03-B70A-C622824D49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BDFF3F-3FD2-4E20-9D1F-19186CD83611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC1965-4E62-4DBF-AF18-ABFA7A3F54B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8573D8-DD6E-49C6-9AE8-A92880367435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B9976F-5CC8-4FAF-AAAA-CE5E3B99AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C92D31A8-8DCE-4FE2-8816-FB6D43575DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "572BC9FF-8BC2-4839-88B1-E675A39AFF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED348A0-8645-48FD-8851-B803C4220BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7FC1C8-97BE-41DC-A81D-F8950D6716BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "171D7FA2-8DBB-436A-B963-D6A02707C0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83C13E74-8583-446C-9EC9-0E97CE383619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "507DBEDA-F5BA-4FA4-BE81-29A648058B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4B04F3-0306-4CDB-BE6B-648F37CB9722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE5DBC9-FD14-4BB8-9BE5-859216819D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE153D0-69DC-4724-9119-B8EF06A24404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51E7297E-81EF-49BE-85F0-79CCF1B4BB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F97C2079-150D-4CE0-909B-5B106F66E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "049E873D-0E1B-4AA1-AFF7-5738A3DD145C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE97EF8-DC5C-460C-AA8B-6C7E86F2143B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3242A2-FB0F-45DE-B362-3EC65FD360E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E53E03-EC8A-4B83-A91B-44B2C96B5CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5347976-394B-42F9-A0B9-D63DCAC8719B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5456C566-9473-4665-8CDD-D795CA6369A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC57EEC-5D83-4640-B625-BDB9BF8148C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14EEEB2D-2973-4C72-8445-6B51CB6D05A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74D9F811-E875-4DE9-9F35-C3540FCCBFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D587EB-200C-4979-B2C7-578F0BC5FD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "230DD33A-0D47-4B64-BDA9-5A28814E113F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "827687F6-E29A-4D87-8C44-8EC91FF2F1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDB0A27-9E8A-4169-A874-3ACDDE105CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "178F7104-4BDC-43A1-ADCB-4B5E1879A67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1551E945-5C3E-429A-A057-2734E9CAA23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "047521B0-40AF-409A-814B-51573AC62A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB8C9E0-6E62-48FA-9E55-489FE073E996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B249C69-5FCA-4B1A-8D58-B32B2F45FB7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter."
},
{
"lang": "es",
"value": "La p\u00e1gina de configuraci\u00f3n de interfaz de red (netinterface) en Sophos Web Appliance anterior a 3.8.2 permite a administradores remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el par\u00e1metro de direcci\u00f3n."
}
],
"id": "CVE-2014-2850",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-11T15:55:27.693",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57706"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66734"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/32789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/120230.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-069/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-10 11:28
Modified
2025-04-11 00:51
Severity ?
Summary
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:web_appliance_firmware:3.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1F13FE47-7269-42AF-9601-C04DB5BEF398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1926B1A8-9B8B-420A-B58B-B55C2687F2E6",
"versionEndIncluding": "3.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A7150-8264-416C-87DB-E9CDD318A82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57A40D50-1324-459A-81F2-1C57FFCB0206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7EB10A-A245-4688-9619-10A98BA5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A64FCF4B-4BAF-409C-9500-BA729C11C098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "245AA033-6388-4EB1-84FC-12FD3683F5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9AEBAC-E764-4A12-99E5-C643C4BEC88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "19FBAC31-D306-4C13-81B0-7EE733EBE258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA62F916-6282-40C2-BBF0-0EDAFEE085BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D84BF84-3204-4717-B6E7-3786A52ECB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8BE4DA-F1AE-41BF-B062-9D50ACC0B9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFA7CD3-3F79-408E-B68F-9EFF382B29E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "589BBFA8-3A56-4057-BE9E-EC63AA837CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C524417-B3CD-46B9-8A59-C489170E264E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5111B15-366D-4B8E-946C-5E294907B399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1F32D9-BAA5-420D-AE0D-4E64320DB004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E93E2D4E-15A7-41BB-9F9E-162CEB797B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1090659-0F39-4E89-AA83-699549471839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBBFF84-0C64-4B50-AAA4-02A5B41F1C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAD5CD0-9B52-4FF2-B1E2-BA2223073893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9132766-CAD5-4BE4-8E11-80251C28A974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "402C91F9-5FAF-4A1E-8350-799F825B2E95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E69BED8D-1A92-4384-8BB4-5822FC69E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2574CFB6-D3F2-41F0-88A4-152BD2F42427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72589AEB-DE8A-4385-BBA9-D6B8A74AFC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "934B4C03-1B9A-4B83-A396-1A44BCA8C1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CC0060-A20C-4769-BA3F-43EDC8DAC750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DED9963-61AE-44C6-AC73-0F1AD82E34CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D078EE8-828A-4852-835A-CEC103A23A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1F9D52-CFEA-41B1-8477-1FF06FFB3EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BEAE73E-5B43-48E9-A048-143F58FBC784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2F23A049-F7D3-4CC0-B75D-A65D2151E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8E4724-F49B-4C1B-9879-7DFC23E12F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77EEB883-CF36-4274-B5C6-C83CB6C237A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3063D8C-6CBE-4929-BBB8-5D6AB935DF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4BB573-434C-48C6-9C25-FD804FB4AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "54365D65-F2D6-423E-B3D3-B69C432A0CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57AFF87D-4DC8-42C1-9DAF-99A85D753D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "240B178F-4BE5-4778-AFEB-9BA53B866E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E03D20-3D0F-4BAC-8A30-3464F3C811E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C112DE-1BC2-434F-B68D-EFE043A79FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "49558797-D233-499D-85D8-AF8DEF667448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FF0A14-F791-4E03-B70A-C622824D49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BDFF3F-3FD2-4E20-9D1F-19186CD83611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAC1965-4E62-4DBF-AF18-ABFA7A3F54B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8573D8-DD6E-49C6-9AE8-A92880367435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B9976F-5CC8-4FAF-AAAA-CE5E3B99AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C92D31A8-8DCE-4FE2-8816-FB6D43575DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "572BC9FF-8BC2-4839-88B1-E675A39AFF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED348A0-8645-48FD-8851-B803C4220BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7FC1C8-97BE-41DC-A81D-F8950D6716BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "171D7FA2-8DBB-436A-B963-D6A02707C0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83C13E74-8583-446C-9EC9-0E97CE383619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "507DBEDA-F5BA-4FA4-BE81-29A648058B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4B04F3-0306-4CDB-BE6B-648F37CB9722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE5DBC9-FD14-4BB8-9BE5-859216819D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE153D0-69DC-4724-9119-B8EF06A24404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51E7297E-81EF-49BE-85F0-79CCF1B4BB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F97C2079-150D-4CE0-909B-5B106F66E265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "049E873D-0E1B-4AA1-AFF7-5738A3DD145C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE97EF8-DC5C-460C-AA8B-6C7E86F2143B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3242A2-FB0F-45DE-B362-3EC65FD360E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E53E03-EC8A-4B83-A91B-44B2C96B5CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5347976-394B-42F9-A0B9-D63DCAC8719B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5456C566-9473-4665-8CDD-D795CA6369A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC57EEC-5D83-4640-B625-BDB9BF8148C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14EEEB2D-2973-4C72-8445-6B51CB6D05A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74D9F811-E875-4DE9-9F35-C3540FCCBFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D587EB-200C-4979-B2C7-578F0BC5FD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "230DD33A-0D47-4B64-BDA9-5A28814E113F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "827687F6-E29A-4D87-8C44-8EC91FF2F1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDB0A27-9E8A-4169-A874-3ACDDE105CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "178F7104-4BDC-43A1-ADCB-4B5E1879A67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB8C9E0-6E62-48FA-9E55-489FE073E996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sophos:web_appliance_firmware:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B249C69-5FCA-4B1A-8D58-B32B2F45FB7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:web_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CBAA36-B58B-4D52-B674-E795290D42EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php."
},
{
"lang": "es",
"value": "La funci\u00f3n get_referers en /opt/ws/bin/sblistpack de Sophos Web Appliance anterior a 3.7.9.1 y 3.8 (anterior a 3.8.1.1) permite a un atacante remoto ejecutar comandos a discrecci\u00f3n a trav\u00e9s de metacaracteres shell en el parametro dominio de end-user/index.php"
}
],
"id": "CVE-2013-4983",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-10T11:28:40.997",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}