Sophos Web Appliance UsrBlocked.php command injection

Added: 11/24/2023
CVE: CVE-2023-1671

Background

Sophos Web Appliance is a web proxy providing HTTP security.

Problem

A vulnerability in UsrBlocked.php allows remote attackers to inject arbitrary commands into an HTTP request.

Resolution

Upgrade to Sophos Web Appliance 4.3.10.4 or higher.

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce
https://vulncheck.com/blog/cve-2023-1671-analysis

Back to exploit index