all InfoSec news
Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code
GBHackers On Security gbhackers.com
Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA). CVE(s): CVE-2023-1671 – Pre-Auth Command Injection in Sophos Web Appliance CVSS Score: 9.8 (Critical) CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H This vulnerability exists on the warn-proceed handler, allowing threat actors […]
The post Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code appeared first on GBHackers - Latest Cyber Security News | Hacker News …
advisory auth code code injection command command injection critical critical flaw cve cvss cyber cyber security firewall flaw hacker injection latest score security security advisory sophos sophos web appliance threat threat actors vulnerabilities vulnerability web