Vulnerabilities > Sophos > WEB Appliance > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-04 | CVE-2023-1671 | Command Injection vulnerability in Sophos web Appliance A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. | 9.8 |
2017-03-30 | CVE-2017-6182 | OS Command Injection vulnerability in Sophos web Appliance In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | 9.8 |