CVE-2020-29574
CyberoamOS (CROS) SQL Injection Vulnerability
CVSS
—
Sin CVSS
EPSS
4.7%
p91
KEV
SÍ
6 feb 2025
Exploit Today
77
0-100
Publicado: — · Última mod.: —
Producto
Sophos / CyberoamOS
Vulnerabilidad
CyberoamOS (CROS) SQL Injection Vulnerability
Añadido a KEV
6 feb 2025
Remediar antes de
27 feb 2025
Uso conocido en ransomware
No
Descripción resumida
CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.
Acción requerida
The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Notas
https://support.sophos.com/support/s/article/KBA-000007526 ; https://nvd.nist.gov/vuln/detail/CVE-2020-29574
Sin CVEs relacionados por CWE o producto.