Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code | allinfosecnews.com

April 11, 2023, 3:39 p.m. | Guru Baran

GBHackers On Security gbhackers.com

Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA). CVE(s): CVE-2023-1671 – Pre-Auth Command Injection in Sophos Web Appliance CVSS Score: 9.8 (Critical) CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H This vulnerability exists on the warn-proceed handler, allowing threat actors […]

The post Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code appeared first on GBHackers - Latest Cyber Security News | Hacker News …

advisory auth code code injection command command injection critical critical flaw cve cvss cyber cyber security firewall flaw hacker injection latest score security security advisory sophos sophos web appliance threat threat actors vulnerabilities vulnerability web

More from gbhackers.com / GBHackers On Security

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks 21 hours ago | gbhackers.com

attacks bad cyber cyber-attack +25

New Linux Backdoor Attacking Linux Users Via Installation Packages 21 hours ago | gbhackers.com

access backdoor cloud cloud infrastructure +28

ViperSoftX Malware Uses Deep Learning Model To Execute Commands 21 hours ago | gbhackers.com

building commands cryptocurrency cryptocurrency-security +20

Santander Data Breach: Hackers Accessed Company Database 23 hours ago | gbhackers.com

breach breaking chile customers +19

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers 1 day ago | gbhackers.com

arrest cyber security doing government +13

Russian APT Hackers Attacking Critical Infrastructure 1 day, 1 hour ago | gbhackers.com

advanced advanced persistent threat apt apt groups +29

Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover 1 day, 15 hours ago | gbhackers.com

attacks camera cameras companies +22

Apple Has Terminated 370 Million+ Developer & Customer Accounts 1 day, 21 hours ago | gbhackers.com

accounts app apple consumers +18

VirusTotal’s Crowdsourced AI Initiative to Analyze Macros With Word & Excel Files 1 day, 23 hours ago | gbhackers.com

ai model can change crowdsourced +16

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior Application Security Engineer, Application Security

@ Miro | Amsterdam, NL

View on infosec-jobs.com

SOC Analyst (m/w/d)

@ LANXESS | Leverkusen, NW, DE, 51373

View on infosec-jobs.com

Lead Security Solutions Engineer (Remote, North America)

@ Dynatrace | Waltham, MA, United States

View on infosec-jobs.com