CyberSec.Space Logo
Back to CVE Browser

CVE-2019-17059

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1940%
EPSS Percentile33.13th
PublishedOct 11, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.

Affected Platforms (CPE)

πŸ’»
Sophos

Cyberoamos

< 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6
πŸ’»
Sophos

Cyberoamos

= 10.6.6

References & Advisories

πŸ”— https://community.sophos.com/kb/en-us/134732
πŸ”— https://community.sophos.com/products/cyberoamos/
πŸ”— https://thebestvpn.com/cyberoam-preauth-rce/
πŸ”— https://community.sophos.com/kb/en-us/134732
πŸ”— https://community.sophos.com/products/cyberoamos/
πŸ”— https://thebestvpn.com/cyberoam-preauth-rce/

Related Vulnerabilities

CVE-2014-550310.0

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows re...

CVE-2014-55019.3

Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remo...

CVE-2014-55029.0

The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via...

CVE-2015-68117.5

SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows r...