exploitDog

GHSA-cwhp-m7c7-w6rm

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

Ссылки

EPSS

Процентиль: 79%

0.01223

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2017-6184

CVSS3: 4.7

nvd

почти 9 лет назад

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

EPSS

Процентиль: 79%

0.01223

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-77