Remote Command Injection Vulnerability in Sophos Web Appliance (SWA) Configuration Utilities (NSWA-1314)

CVE-2017-6183 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.

Learn more about our Web App Pen Testing.