Vulnerability Details CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.1%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2015-6811
-
cpe:2.3:h:cyberoam:cr500ing-xp:-
-
cpe:2.3:o:cyberoam:cyberoamos:10.6.2