CVE-2014-2850

Currently unrated

Key Information:

Vendor: Sophos
Status: Web Appliance Firmware; Web Appliance
Vendor: CVE Published:; 11 April 2014

Summary

The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.

References

http://www.securityfocus.com/bid/66734

vdb-entryx_refsource_BID

http://www.sophos.com/en-us/support/knowledgebase/120230....

x_refsource_CONFIRM

http://www.zerodayinitiative.com/advisories/ZDI-14-069/

x_refsource_MISC

EPSS Score

28% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 11, 2014

Collectors

NVD DatabaseMitre Database