Sophos Web Appliance vulnerability exploited in the wild

Three vulnerabilities have been added by CISA to its list of known exploited vulnerabilities. Among these is a major vulnerability (CVE-2023-1671) in the Sophos Web Appliance, which the business corrected in April 2023. Pre-auth command injection vulnerability CVE-2023-1671 in Sophos Web Appliance’s warn-proceed handler lets attackers run arbitrary code.

The Sophos Web Appliance is a web gateway appliance that checks for several types of malware and serves as a web proxy for potentially hazardous content.Through the Sophos bug bounty program, an external security researcher discovered the vulnerability in early April. All appliance versions earlier than 4.3.10.4 were impacted.

Sophos Web Appliance vulnerability exploited in the wild

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address

Sophos Web Appliance vulnerability exploited in the wild

20-Nov-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address