Skip to main content

Cyberoamos

3 CVEs product

Monthly

CVE-2020-29574 CRITICAL KEV THREAT Act Now

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Cyberoamos
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2019-17059 CRITICAL POC Act Now

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Sophos Command Injection Cyberoamos
NVD
CVSS 3.1
9.8
EPSS
7.4%
CVE-2015-6811 HIGH POC This Week

SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Sophos SQLi Cyberoamos
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.8%
EPSS 5% CVSS 9.8
CRITICAL KEV THREAT Act Now

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Cyberoamos
NVD
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Sophos Command Injection Cyberoamos
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Sophos SQLi Cyberoamos
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy