Arbitrary Command Execution Vulnerability in Sophos Web Appliance

Arbitrary Command Execution Vulnerability in Sophos Web Appliance

CVE-2014-2850 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.

Learn more about our Web App Pen Testing.