Remote Command Execution Vulnerability in Sophos Web Appliance
CVE-2013-2642

Currently unrated

Key Information:

Vendor: Sophos
Status: Web Appliance Firmware; Web Appliance
Vendor: CVE Published:; 18 March 2014

Summary

The Sophos Web Appliance prior to version 3.7.8.2 is susceptible to a remote command execution vulnerability. Attackers can exploit this flaw by injecting shell metacharacters into the client-ip parameter on the Block page using the user_workstation variable in customized templates. Additionally, remote authenticated users may use shell metacharacters in the url parameter of the Diagnostic Tools functionality or in the entries parameter of the Local Site List, allowing them to execute arbitrary commands. This vulnerability poses a significant risk to the security of the appliance and may lead to unauthorized access to sensitive information.

References

https://www.sec-consult.com/fxdata/seccons/prod/temedia/a...

x_refsource_MISC

http://www.sophos.com/en-us/support/knowledgebase/118969....

x_refsource_CONFIRM

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 18, 2014
Vulnerability Reserved
Mar 22, 2013