CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2023-1671

CVSS 9.8v3.1pub. 2023-04-04upd. 2025-10-27

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sophos Web Appliance

    APP
    Sophos
    < 4.3.10.4

CISA KEV — detailsi

Vendori
Sophos
Producti
Web Appliance
Added to KEVi
November 16, 2023
Remediation deadline (US Federal)i
December 7, 2023(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 7 grudnia 2023
CWE
References

Related vulnerabilities

CVE-2017-6182CRITICAL9.8ten sam produkt

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating ...

CVE-2022-4934HIGH7.2ten sam produkt

A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version...

CVE-2017-6183HIGH7.2ten sam produkt

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (a...

CVE-2017-6412HIGH8.1ten sam produkt

In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.

CVE-2016-9554HIGH7.2ten sam produkt

The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Comman...