Sophos: >> Cyberoamos >> 10.6.5 Security Vulnerabilities
CVE-2020-29574
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.
Known exploited
CVSS Score
9.8
EPSS Score
0.106
Published
2020-12-11
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
CVSS Score
9.8
EPSS Score
0.056
Published
2019-10-11