CVE-2020-29574

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 05, 2020
Published Date: December 11, 2020
Last Updated: February 10, 2025
Vendor: n/a
Product: n/a
Description: An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

CVSS Scores

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2025-02-06 00:00:00 UTC) Source

References

https://www.cyberoam.com/ngfw.html https://www.bleepingcomputer.com/news/security/sophos-fixes-sql-injection-vulnerability-in-their-cyberoam-os/

Known Exploited Vulnerability Information

Source	Added Date
CISA	2025-02-06 00:00:00 UTC