RSS   Podatności dla 'Cyberoam firmware'   RSS

2017-06-07
 
CVE-2016-9834

 

 
An XSS vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware through 10.6.4. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of a request to the "LiveConnectionDetail.jsp" application. GET parameters "applicationname" and "username" are improperly sanitized allowing an attacker to inject arbitrary JavaScript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the user. A vulnerable URI is /corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp.

 

 >>> Vendor: Sophos 46 Produkty
Small business suite
Sophos anti-virus
Sophos puremessage anti-virus
Sophos small business suite
Sophos mailmonitor
Sophos mailmonitor for notes domino
Anti-virus
Endpoint security
Scanning engine
Es1000
Es4000
Anti-virus7.6.3
Puremessage for microsoft exchange
Unified threat management software
Unified threat management
Disk encryption
Safeguard easy device encryption client
Safeguard enterprise device encryption
Sophos endpoint security and control
Safeguard enterprise
Free encryption
Safeguard privatecrypto
Web appliance
Web appliance firmware
Enterprise console
Cyberoam cr100ing utm firmware
Cyberoam cr35ing utm firmware
Unified threat management up2date
Mobile control eas proxy
Cyberoam cr25ing utm firmware
Cyberoam firmware
Threat detection engine
Hitmanpro
Astaro security gateway firmware
SFOS
Sophos tester
Endpoint protection
Invincea-x
Invincea dell protected workspace
Safeguard enterprise client
Safeguard lan crypt client
Hitmanpro.alert
Ipsec client
Cyberoamos
Sophos secure email
Xg firewall firmware


Copyright 2020, cxsecurity.com

 

Back to Top