Remote Command Injection Vulnerability in Cyberoam Appliances by Sophos
CVE-2014-5502

Currently unrated

Key Information:

Vendor

Cyberoam

Status
Cyberoam Os
Vendor
CVE Published:
7 October 2014

What is CVE-2014-5502?

The vulnerability in Sophos Cyberoam appliances running CyberoamOS prior to version 10.6.1 GA allows remote authenticated users to execute arbitrary commands on the system. This is achievable through multiple opcodes, including checkcert_key, webclient_portal_settings, sslvpn_liveuser_delete, and ccc_flush_sql_file. Such flaws could lead to unauthorized actions and a compromise of sensitive information within the network infrastructure. It is essential to apply the necessary updates to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zerodayinitiative.com/advisories/ZDI-14-328/
x_refsource_MISC
http://www.zerodayinitiative.com/advisories/ZDI-14-333/
x_refsource_MISC
http://www.zerodayinitiative.com/advisories/ZDI-14-331/
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.