cbcvebase.
CVE-2020-29574
published 2020-12-11

CVE-2020-29574: An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

Priority: P188 critical
CVSS 3.1: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
KEV / ITW: CISA Known Exploited Vulnerability, due 2025-02-27; exploited in the wild
EPSS: 4.73% (90.7th percentile)

Affected (1 range)

Vendor: sophos | Product: cyberoamos | Version range: <= 2020-12-04 | Fixed in: (none listed)

Detection & IOCs (extracted from sources)

  • The vulnerability is an unauthenticated SQL injection in the WebAdmin interface of CyberoamOS (CROS); monitor for anomalous or malformed SQL-bearing HTTP requests targeting the WebAdmin component
  • No authentication is required to exploit this vulnerability; any unauthenticated inbound request to the CyberoamOS WebAdmin interface carrying SQL metacharacters or injection payloads should be treated as suspicious
  • The affected product (CyberoamOS / CROS) is end-of-life and end-of-service; no patch will be issued. Detection efforts should focus on identifying continued use of the product in the environment and blocking all external access to its WebAdmin interface.

CVSS provenance

NVD, CVSS v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
VulnCheck: 9.8 CRITICAL
CISA: 9.8 CRITICAL