漏洞描述
Sophos Web Appliance的warn-proceed处理程序中存在命令注入漏洞,允许执行任意代码。
Sophos Web Appliance 命令注入漏洞(CVE-2023-1671)
PoC代码
暂无相关漏洞推荐
- Cisco Secure Firewall Adaptive Security Appliance 缓冲区溢出漏洞
- Dell KACE Systems Management Appliance (K1000)存在命令执行漏洞(CVE-2019-20504)
- POC CVE-2016-7552: Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass
- POC CVE-2019-20504: Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Remote Code Execution
- POC CVE-2020-25223: Sophos UTM Preauth - Remote Code Execution
- POC CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal
- POC CVE-2020-3452: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
- POC CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection
- POC CVE-2021-46387: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting
- POC CVE-2022-1040: Sophos Firewall <=18.5 MR3 - Remote Code Execution
- POC CVE-2022-3980: Sophos Mobile managed on-premises - XML External Entity Injection
- POC CVE-2022-41800: F5 BIG-IP Appliance Mode - Command Injection
- POC CVE-2023-1671: Sophos Web Appliance - Remote Code Execution