CyberSec.Space Logo
Back to CVE Browser

CVE-2014-5501

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile20.62th
PublishedOct 7, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file.

Affected Platforms (CPE)

πŸ’»
Cyberoam

Cyberoam Os

<= 10.4
πŸ’»
Cyberoam

Cyberoam Os

<= 10.6.1

References & Advisories

πŸ”— http://kb.cyberoam.com/default.asp?id=3049
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-334/
πŸ”— http://kb.cyberoam.com/default.asp?id=3049
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-334/

Related Vulnerabilities

CVE-2014-550310.0

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows re...

CVE-2020-370959.8

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary ...

CVE-2020-295749.8

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbit...

CVE-2019-170599.8

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attacke...