Remote Command Injection Vulnerability in Sophos Web Appliance (SWA) before 4.3.1.2 via Token Parameter (NSWA-1303)
CVE-2017-6184 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
Learn more about our Web App Pen Testing.