KLA10336
Multiple vulnerabilities in Sophos Web Appliance

Обновлено: 18/06/2020
Дата обнаружения
11/04/2014
Уровень угрозы
Critical
Описание

Multiple critical vulnerabilities have been found in Sophos Web Appliance. Malicious users can exploit these vulnerabilities to execute arbitrary commands or change admin password. Below is a complete list of vulnerabilities

  1. Vectors related to the netinterface configuration page can be exploited remotely via a specially designed address parameter;
  2. Vectors related to the change password dialog can be exploited remotely via a specially designed request.
Пораженные продукты

Sophos Web Appliance versions 3.8.1.1 and earlier

Решение

Update to latest version

Оказываемое влияние
?
ACE 
[?]

PE 
[?]
Связанные продукты
Sophos Web Appliance
CVE-IDS
CVE-2014-28498.5Critical
CVE-2014-28508.5Critical
Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/32789

https://www.exploit-db.com/exploits/32789

Узнай статистику распространения уязвимостей в твоем регионе