Arbitrary Command Execution in Sophos Web Appliance
CVE-2013-4983 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Learn more about our Web App Pen Testing.