SQL Injection Vulnerability in Sophos Cyberoam Firewall Appliance
CVE-2015-6811

Currently unrated

Key Information:

Vendor: Cyberoam
Status: Cyberoamos
Vendor: CVE Published:; 4 September 2015

What is CVE-2015-6811?

A SQL injection flaw exists in the Sophos Cyberoam CR500iNG-XP firewall appliance utilizing CyberoamOS 10.6.2 MR-1 and earlier. This vulnerability allows remote attackers to manipulate SQL queries via the 'username' parameter in the login.xml file. Successful exploitation could enable attackers to execute arbitrary SQL commands, leading to potential unauthorized access or data exposure in the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/133378/Cyberoam-CR50...

x_refsource_MISC

https://www.exploit-db.com/exploits/38034/

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 4, 2015

JSON

Cyberoam

What is CVE-2015-6811?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.