This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Sophos Advisory] CVE-2019-17059: Cyberoam Firewall Remote Code Execution Vulnerability

Hi everyone,

A critical shell injection vulnerability was recently discovered in Sophos Cyberoam Firewall appliances running CyberoamOS (CROS) version 10.6.6 MR-5 or earlier and responsibly disclosed to Sophos by an external security researcher.

The vulnerability can be potentially exploited by sending a malicious request to either the Web Admin or SSL VPN consoles, which would enable an unauthenticated remote attacker to execute arbitrary commands.

For more information, please refer to the below information:



This thread was automatically locked due to age.