CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29574

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.147

EPSS Ranking 94.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

Proposed Action

CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.

Ransomware Campaign

Unknown

References

Products affected by CVE-2020-29574

Sophos » Cyberoamos » Version: 10.6.1

cpe:2.3:o:sophos:cyberoamos:10.6.1
Sophos » Cyberoamos » Version: 10.6.2

cpe:2.3:o:sophos:cyberoamos:10.6.2
Sophos » Cyberoamos » Version: 10.6.3

cpe:2.3:o:sophos:cyberoamos:10.6.3
Sophos » Cyberoamos » Version: 10.6.4

cpe:2.3:o:sophos:cyberoamos:10.6.4
Sophos » Cyberoamos » Version: 10.6.5

cpe:2.3:o:sophos:cyberoamos:10.6.5
Sophos » Cyberoamos » Version: 10.6.6

cpe:2.3:o:sophos:cyberoamos:10.6.6
Sophos » Cyberoamos » Version: 2020-12-04

cpe:2.3:o:sophos:cyberoamos:2020-12-04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29574

Products

Pricing

Contact Us