Remote Password Change Vulnerability in Sophos Web Appliance
CVE-2014-2849 · HIGH Severity
AV:N/AC:L/AU:S/C:N/I:C/A:C
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
Learn more about our Web App Pen Testing.