Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:sophos:web_appliance_firmware:3.8.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-2850 |
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter. Published: April 11, 2014; 11:55:27 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 8.5 HIGH |
CVE-2014-2849 |
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. Published: April 11, 2014; 11:55:27 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 8.5 HIGH |
CVE-2013-4983 |
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php. Published: September 10, 2013; 7:28:40 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |