A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication.
Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.
“A critical shell injection vulnerability in Sophos Cyberoam Firewall appliances running CyberoamOS (CROS) version 10.6.6 MR-5 and earlier was recently discovered and responsibly disclosed to Sophos by an external security researcher,” reads the advisory published by Sophos.
“The vulnerability can be potentially exploited by sending a malicious request to either the Web Admin or SSL VPN consoles, which would enable an unauthenticated remote attacker to execute arbitrary commands.”