
Sophos Web Appliance vulnerabilities

12 known vulnerabilities affecting sophos/web_appliance.

Total CVEs: 12
CISA KEV: 1 (actively exploited)
Public exploits: 6
Exploited in the wild: 1
Severity breakdown: CRITICAL 2, HIGH 6, MEDIUM 4

Vulnerabilities

CVE-2023-1671 | P1 | CRITICAL | CVSS 9.8 | KEV | PoC | fixed in 4.3.10.4 | published 2023-04-04
CWE-77. A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
Source: NVD

CVE-2017-6182 | P2 | CRITICAL | CVSS 9.8 | PoC | affects ≤ 4.3.1.1 | published 2017-03-30
CWE-78. In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
Source: NVD

CVE-2016-9554 | P2 | HIGH | CVSS 7.2 | PoC | affects v4.2.1.3 | published 2017-01-28
CWE-77. The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility.
Source: NVD

CVE-2016-9553 | P3 | HIGH | CVSS 7.2 | PoC | affects v4.2.1.3 | published 2017-01-28
CWE-77. The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the
Source: NVD

CVE-2017-6412 | P3 | HIGH | CVSS 8.1 | PoC | affects ≤ 4.3.1.1 | published 2017-03-30
CWE-384. In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
Source: NVD

CVE-2013-4984 | P3 | HIGH | CVSS 7.2 | PoC | affects ≤ 3.7.9, v3.0.0 and 74 more listed versions | published 2013-09-10
CWE-78. The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Source: NVD

CVE-2022-4934 | P3 | HIGH | CVSS 7.2 | fixed in 4.3.10.4 | published 2023-04-04
CWE-77. A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
Source: NVD

CVE-2017-6183 | P3 | HIGH | CVSS 7.2 | affects ≤ 4.3.1.1 | published 2017-03-30
CWE-77. In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
Source: NVD

CVE-2017-6184 | P4 | MEDIUM | CVSS 4.7 | affects ≤ 4.3.1.1 | published 2017-03-30
CWE-77. In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Source: NVD

CVE-2020-36692 | P4 | MEDIUM | CVSS 5.4 | fixed in 4.3.10.4 | published 2023-04-04
CWE-79. A reflected XSS via POST vulnerability in the report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim's browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
Source: NVD

CVE-2017-9523 | P4 | MEDIUM | CVSS 6.1 | affects ≤ 4.3.1.4 | published 2017-06-09
CWE-79. The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.
Source: NVD

CVE-2023-33336 | P4 | MEDIUM | CVSS 4.8 | affects v4.3.9.1 | published 2023-06-30
CWE-79. A reflected cross-site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows arbitrary code to be injected via double-quote characters.
Source: NVD
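The list above gives fixed-in builds for most entries, so the practical question for an operator is which of them still apply to a given SWA build. The following is an added triage example, not cvebase's or Sophos's code: it parses dotted version strings numerically (a plain string comparison would rank 4.3.9.1 above 4.3.10.4), encodes each entry's stated range, and reports the matching CVEs and the worst severity. The ranges are transcribed from the "fixed in" / "before" statements on this page; the helper names (parse_version, before, on_branch_before, reported_on, triage, worst_severity) and the sample builds 4.3.9.1, 4.3.10.4 and 3.8.0.5 are the example's own.

```python
"""Version triage against the Sophos Web Appliance advisories listed above.

Added example (not cvebase or Sophos code). The ranges are transcribed from
the "fixed in" / "before" statements on this page; the parsing and range
logic is generic dotted-version handling.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

Version = Tuple[int, ...]
Predicate = Callable[[Version], bool]


def parse_version(text: str) -> Version:
    """Turn '4.3.10.4' or 'v4.3.10.4' into a tuple of ints.

    Tuples compare component by component, so (4, 3, 9, 1) < (4, 3, 10, 4);
    a plain string comparison would rank '4.3.9.1' above '4.3.10.4'.
    """
    parts = text.strip().lower().lstrip("v").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def before(fixed: str) -> Predicate:
    """Affected if strictly older than the fixed build (the page's 'older than X')."""
    target = parse_version(fixed)
    return lambda v: v < target


def on_branch_before(branch: str, fixed: str) -> Predicate:
    """Affected if on the given branch (same leading components) and older than `fixed`."""
    prefix, target = parse_version(branch), parse_version(fixed)
    return lambda v: v[: len(prefix)] == prefix and v < target


def reported_on(build: str) -> Predicate:
    """Only the exact build the CVE was reported against; the page gives no fix version."""
    target = parse_version(build)
    return lambda v: v == target


def any_of(*preds: Predicate) -> Predicate:
    return lambda v: any(p(v) for p in preds)


@dataclass(frozen=True)
class Advisory:
    cve: str
    severity: str
    summary: str
    affected: Predicate


# Ranges as stated on this page; "older than X" is applied literally.
ADVISORIES: List[Advisory] = [
    Advisory("CVE-2023-1671", "CRITICAL", "pre-auth command injection, warn-proceed handler (KEV)", before("4.3.10.4")),
    Advisory("CVE-2022-4934", "HIGH", "post-auth command injection, exception wizard", before("4.3.10.4")),
    Advisory("CVE-2020-36692", "MEDIUM", "reflected XSS via POST, report scheduler", before("4.3.10.4")),
    Advisory("CVE-2017-9523", "MEDIUM", "XSS in FTP redirect page (NSWA-1342)", before("4.3.2")),
    Advisory("CVE-2017-6182", "CRITICAL", "command injection, report generation (NSWA-1304)", before("4.3.1.2")),
    Advisory("CVE-2017-6412", "HIGH", "session fixation (NSWA-1310)", before("4.3.1.2")),
    Advisory("CVE-2017-6183", "HIGH", "command injection, Active Directory setup (NSWA-1314)", before("4.3.1.2")),
    Advisory("CVE-2017-6184", "MEDIUM", "command injection via report token parameter (NSWA-1303)", before("4.3.1.2")),
    # Two fixed builds on two branches: anything before 3.7.9.1, and 3.8.x before 3.8.1.1.
    Advisory("CVE-2013-4984", "HIGH", "local privilege escalation, clear_keys.pl",
             any_of(before("3.7.9.1"), on_branch_before("3.8", "3.8.1.1"))),
    # Reported against a single build with no fix version on this page: flag that build only.
    Advisory("CVE-2016-9554", "HIGH", "command injection, MgrDiagnosticTools.php", reported_on("4.2.1.3")),
    Advisory("CVE-2016-9553", "HIGH", "command injection, MgrReport.php", reported_on("4.2.1.3")),
    Advisory("CVE-2023-33336", "MEDIUM", "reflected XSS via double quotes", reported_on("4.3.9.1")),
]

SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2}


def triage(build: str) -> List[Advisory]:
    """All listed advisories whose stated range covers `build`."""
    v = parse_version(build)
    return [a for a in ADVISORIES if a.affected(v)]


def worst_severity(build: str) -> Optional[str]:
    """Highest severity among the matches, or None when nothing on the list applies."""
    hits = triage(build)
    if not hits:
        return None
    return min((a.severity for a in hits), key=SEVERITY_RANK.__getitem__)


if __name__ == "__main__":
    for build in ("4.3.9.1", "4.3.10.4", "3.8.0.5"):  # sample builds, constructed for the demo
        hits = triage(build)
        print(f"{build}: {worst_severity(build) or 'no listed CVE'}; "
              + ", ".join(a.cve for a in hits))
```

Two caveats follow from how the page states its ranges. "Older than 4.3.10.4" is applied literally, so a 3.x build matches the 2023 advisories as well as CVE-2013-4984; whether such a build actually ships the affected handler is something the vendor advisory, not this list, answers. The three entries reported against a single build (4.2.1.3 and 4.3.9.1) carry no fixed-in version here, so the script flags only that exact build for them; a neighbouring build is not cleared, merely unlisted.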
Sophos Web Appliance vulnerabilities | cvebase