Bypassing Access Restrictions in Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5
CVE-2016-7786 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5.
Learn more about our User Device Pen Test.