CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 2CVE-2015-6811 – Cyberoam Firewall CR500iNG-XP 10.6.2 MR-1 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml. Vulnerabilidad de inyección SQL en el dispositivo de firewall Sophos Cyberoam CR500iNG-XP con CyberoamOS 10.6.2 MR-1 y versiones anteriores, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro username en login.xml. • https://www.exploit-db.com/exploits/38034 http://packetstormsecurity.com/files/133378/Cyberoam-CR500iNG-XP-10.6.2-MR-1-Blind-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 0CVE-2014-5502 – Sophos Cyberoam sslvpn_liveuser_delete Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-5502
The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode. Los dispositivos Sophos Cyberoam con CyberoamOS anterior a 10.6.1 GA permite a usuarios remotos autenticados inyectar comandos arbitrarios a través de un código de operación (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, o (4) ccc_flush_sql_file. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. Authentication is required to exploit this vulnerability. The specific flaw exists within the sslvpn_liveuser_delete opcode. The issue lies in the failure to properly sanitize user-supplied input before executing commands. • http://kb.cyberoam.com/default.asp?id=3049 http://www.zerodayinitiative.com/advisories/ZDI-14-328 http://www.zerodayinitiative.com/advisories/ZDI-14-331 http://www.zerodayinitiative.com/advisories/ZDI-14-332 http://www.zerodayinitiative.com/advisories/ZDI-14-333 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 19%CPEs: 2EXPL: 0CVE-2014-5501 – Sophos Cyberoam diagnose Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-5501
Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file. Desbordamiento de buffer basado en pila en el servicio de diagnóstica en los dispositivos Sophos Cyberoam with CyberoamOS anterior a 10.6.1 GA permite a atacantes remotos ejecutar código arbitrario a través de una página web manipulada o un fichero manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the diagnose service. The issue lies in the failure to validate the size of the input buffer before copying it into a fixed-size buffer on the stack. • http://kb.cyberoam.com/default.asp?id=3049 http://www.zerodayinitiative.com/advisories/ZDI-14-334 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2014-5503 – Sophos Cyberoam add_guest_user Blind SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-5503
SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode. Vulnerabilidad de inyección SQL en el portal de inicio de sesión de huéspedes en los dispositivos Sophos Cyberoam con CyberoamOS anterior a 10.6.1 GA permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del código de operación add_guest_user. This vulnerability allows remote attackers to execute arbitrary SQL on vulnerable installations of Sophos Cyberoam. Authentication is not required to exploit this vulnerability. The specific flaw exists within the add_guest_user opcode. The issue lies in the failure to properly sanitize the specified mobile number prior to executing a SQL query. • http://kb.cyberoam.com/default.asp?id=3049 http://www.zerodayinitiative.com/advisories/ZDI-14-329 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 4CVE-2012-1047 – Cyberoam Central Console 2.00.2 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2012-1047
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action. Una vulnerabilidad de salto de directorio en el Servicio WWWHELP (js/html/wwhelp.htm) en Cyberoam Central Console (CCC) v2.00.2 permite a atacantes remotos incluir y ejecutar archivos locales de su elección a través de un .. (punto punto) en el parámetro 'file' en una acción Online_help. • https://www.exploit-db.com/exploits/18473 http://archives.neohapsis.com/archives/bugtraq/2012-02/0036.html http://www.exploit-db.com/exploits/18473 http://www.securityfocus.com/bid/51901 http://www.vulnerability-lab.com/get_content.php?id=405 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •