← back
CVE-2014-2850

CVE-2014-2850

EPSS 57.6%
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/32789unverifiedexploitdbwww.exploit-db.com/exploits/32789unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/57706http://www.exploit-db.com/exploits/32789http://www.securityfocus.com/bid/66734http://www.sophos.com/en-us/support/knowledgebase/120230.aspxhttp://www.zerodayinitiative.com/advisories/ZDI-14-069/