Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos Cyberoam CR500iNG-XP防火墙SQL注入漏洞
Vulnerability Description
Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS是英国Sophos公司的一款运行有CyberoamOS操作系统的新一代防火墙,它提供在线应用程序检测和控制、网页过滤、HTTPS检查、入侵防护等功能。 运行CyberoamOS 10.6.2 MR-1及之前版本的Sophos Cyberoam CR500iNG-XP防火墙设备中存在SQL注入漏洞,该漏洞源于login.xml文件没有充分过滤‘username’参数。远程攻击者可利用该
CVSS Information
N/A
Vulnerability Type
N/A