CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-5503

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1090%
EPSS Percentile12.63th
Published2014年10月7日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode.

Affected Platforms (CPE)

💻
Cyberoam

Cyberoam Os

<= 10.4
💻
Cyberoam

Cyberoam Os

<= 10.6.1

References & Advisories

🔗 http://kb.cyberoam.com/default.asp?id=3049
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-329/
🔗 http://kb.cyberoam.com/default.asp?id=3049
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-329/

関連する脆弱性情報

CVE-2019-170599.8

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attacke...

CVE-2020-370959.8

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary ...

CVE-2020-295749.8

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbit...

CVE-2014-55019.3

Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remo...