Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) | allinfosecnews.com

Nov. 20, 2023, 11:43 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance that allows attackers to execute arbitrary code. Sophos Web Appliance is a web gateway appliance that functions as a web proxy and scans potentially harmful content for … More →

The post …

april attackers auth catalog cisa command command injection critical critical vulnerability cve don't miss enterprise exploit exploited exploited vulnerabilities hot stuff injection known exploited known exploited vulnerabilities known exploited vulnerabilities catalog poc sophos sophos web appliance the company vulnerabilities vulnerability vulnerability exploited web

More from www.helpnetsecurity.com / Help Net Security

1Password Extended Access Management secures unmanaged applications and devices 14 hours ago | www.helpnetsecurity.com

1password access access management application +18

New SOHO router malware aims for cloud accounts, internal company resources 16 hours ago | www.helpnetsecurity.com

account accounts actor alibaba +38

Trend Micro expands AI-powered cybersecurity platform 16 hours ago | www.helpnetsecurity.com

adoption advancements ai-powered ai tools +16

HITRUST updates Cyber Threat Adaptive engine to address emerging cyber threats 17 hours ago | www.helpnetsecurity.com

accuracy address advanced ai capabilities +27

Secure Code Warrior SCW Trust Score quantifies the security posture of developer teams 17 hours ago | www.helpnetsecurity.com

benchmark code developer effectively +13

Proofpoint DLP Transform secures data moving to ChatGPT, copilots, and other GenAI tools 17 hours ago | www.helpnetsecurity.com

address businesses cases chatgpt +24

Appdome launches MobileEDR, merging MTD and EDR to protect enterprise mobile apps 18 hours ago | www.helpnetsecurity.com

agentless amp app appdome +27

Confluent enhances Apache Flink with new features for easier AI and broader stream processing 18 hours ago | www.helpnetsecurity.com

ai model apache cloud confluent +18

Nord Security unveils NordStellar, a platform for advanced cyber threat detection and response 18 hours ago | www.helpnetsecurity.com

access accounts advanced and response +38

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India

View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States

View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium

View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)

View on infosec-jobs.com