SQL Injection Vulnerability in Sophos Cyberoam Guest Login Portal

SQL Injection Vulnerability in Sophos Cyberoam Guest Login Portal

CVE-2014-5503 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode.

Learn more about our Cis Benchmark Audit For Sophos.