Vulnerabilities > Sophos > Cyberoamos > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-29574 SQL Injection vulnerability in Sophos Cyberoamos
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.
network
low complexity
sophos CWE-89
critical
9.8
2019-10-11 CVE-2019-17059 OS Command Injection vulnerability in Sophos Cyberoamos
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
network
low complexity
sophos CWE-78
critical
9.8