CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-5503

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1090%
EPSS Percentile12.63th
Published2014年10月7日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode.

Affected Platforms (CPE)

💻
Cyberoam

Cyberoam Os

<= 10.4
💻
Cyberoam

Cyberoam Os

<= 10.6.1

References & Advisories

🔗 http://kb.cyberoam.com/default.asp?id=3049
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-329/
🔗 http://kb.cyberoam.com/default.asp?id=3049
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-329/

相關漏洞威脅

CVE-2019-170599.8

A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attacke...

CVE-2020-370959.8

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary ...

CVE-2020-295749.8

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbit...

CVE-2014-55019.3

Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remo...