CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6183
https://notcve.org/view.php?id=CVE-2017-6183
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, una sección de las utilidades de configuración de la máquina para agregar (y detectar) servidores Active Directory era vulnerable a inyección de comandos remotos, vulnerabilidad también conocida como NSWA-1314. • http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 1CVE-2017-6182 – Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection
https://notcve.org/view.php?id=CVE-2017-6182
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, una sección de la interfaz de la máquina responsable de generar informes era vulnerable a la inyección de comandos remotos a través de funciones, vulnerabilidad también conocida como NSWA-1304. • https://www.exploit-db.com/exploits/42332 http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.1EPSS: 3%CPEs: 1EXPL: 1CVE-2017-6412 – Sophos Web Appliance 4.3.1.1 - Session Fixation
https://notcve.org/view.php?id=CVE-2017-6412
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. En Sophos Web Appliance (SWA) en versiones anteriores a 4.3.1.2, podría ocurrir la fijación de sesión, vulnerabilidad también conocida como NSWA-1310. Sophos Web Appliance version 4.3.1.1 suffers from a session fixation vulnerability. • https://www.exploit-db.com/exploits/42012 http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2 https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf • CWE-384: Session Fixation •
CVSS: 8.5EPSS: 69%CPEs: 79EXPL: 3CVE-2014-2850 – Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2014-2850
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter. La página de configuración de interfaz de red (netinterface) en Sophos Web Appliance anterior a 3.8.2 permite a administradores remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro de dirección. • https://www.exploit-db.com/exploits/32789 http://secunia.com/advisories/57706 http://www.exploit-db.com/exploits/32789 http://www.securityfocus.com/bid/66734 http://www.sophos.com/en-us/support/knowledgebase/120230.aspx http://www.zerodayinitiative.com/advisories/ZDI-14-069 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/sophos_wpa_iface_exec.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.5EPSS: 10%CPEs: 79EXPL: 4CVE-2014-2849 – Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. El cuadro de dialogo de cambio de contraseña (change_password) en Sophos Web Appliance anterior a 3.8.2 permite a usuarios remotos autenticados cambiar la contraseña del usuario de administración a través de una solicitud manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Web Appliance. Authentication is required to exploit this vulnerability. The specific flaws exist within the change_password and netinterface functions of the web appliance. The first flaw will allow for an unprivileged user to change the admin's password and a remote code execution vulnerability exists when updating the network interface. • https://www.exploit-db.com/exploits/32789 http://secunia.com/advisories/57706 http://www.exploit-db.com/exploits/32789 http://www.securityfocus.com/bid/66734 http://www.sophos.com/en-us/support/knowledgebase/120230.aspx http://www.zerodayinitiative.com/advisories/ZDI-14-069 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/sophos_wpa_iface_exec.rb • CWE-264: Permissions, Privileges, and Access Controls •