Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-4983
HistorySep 10, 2013 - 11:28 a.m.

CVE-2013-4983

2013-09-1011:28:40
CWE-78
[email protected]
web.nvd.nist.gov
2

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.952

Percentile

99.4%

JSON

The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.

Affected configurations

Nvd
Node
sophosweb_appliance_firmwareMatch3.7.8
OR
sophosweb_appliance_firmwareRange3.7.9
OR
sophosweb_appliance_firmwareMatch3.0.0
OR
sophosweb_appliance_firmwareMatch3.0.1
OR
sophosweb_appliance_firmwareMatch3.0.1.1
OR
sophosweb_appliance_firmwareMatch3.0.2
OR
sophosweb_appliance_firmwareMatch3.0.3
OR
sophosweb_appliance_firmwareMatch3.0.4
OR
sophosweb_appliance_firmwareMatch3.0.5
OR
sophosweb_appliance_firmwareMatch3.0.5.1
OR
sophosweb_appliance_firmwareMatch3.1.0
OR
sophosweb_appliance_firmwareMatch3.1.0.1
OR
sophosweb_appliance_firmwareMatch3.1.1
OR
sophosweb_appliance_firmwareMatch3.1.2
OR
sophosweb_appliance_firmwareMatch3.1.3
OR
sophosweb_appliance_firmwareMatch3.1.4
OR
sophosweb_appliance_firmwareMatch3.2.1
OR
sophosweb_appliance_firmwareMatch3.2.2
OR
sophosweb_appliance_firmwareMatch3.2.2.1
OR
sophosweb_appliance_firmwareMatch3.2.3
OR
sophosweb_appliance_firmwareMatch3.2.4
OR
sophosweb_appliance_firmwareMatch3.2.5
OR
sophosweb_appliance_firmwareMatch3.2.6
OR
sophosweb_appliance_firmwareMatch3.2.7
OR
sophosweb_appliance_firmwareMatch3.3.0
OR
sophosweb_appliance_firmwareMatch3.3.1
OR
sophosweb_appliance_firmwareMatch3.3.2
OR
sophosweb_appliance_firmwareMatch3.3.3
OR
sophosweb_appliance_firmwareMatch3.3.3.1
OR
sophosweb_appliance_firmwareMatch3.3.4
OR
sophosweb_appliance_firmwareMatch3.3.5
OR
sophosweb_appliance_firmwareMatch3.3.5.1
OR
sophosweb_appliance_firmwareMatch3.3.6
OR
sophosweb_appliance_firmwareMatch3.3.6.1
OR
sophosweb_appliance_firmwareMatch3.4.0
OR
sophosweb_appliance_firmwareMatch3.4.1
OR
sophosweb_appliance_firmwareMatch3.4.2
OR
sophosweb_appliance_firmwareMatch3.4.3
OR
sophosweb_appliance_firmwareMatch3.4.3.1
OR
sophosweb_appliance_firmwareMatch3.4.4
OR
sophosweb_appliance_firmwareMatch3.4.5
OR
sophosweb_appliance_firmwareMatch3.4.6
OR
sophosweb_appliance_firmwareMatch3.4.7
OR
sophosweb_appliance_firmwareMatch3.4.8
OR
sophosweb_appliance_firmwareMatch3.5.0
OR
sophosweb_appliance_firmwareMatch3.5.1
OR
sophosweb_appliance_firmwareMatch3.5.1.1
OR
sophosweb_appliance_firmwareMatch3.5.1.2
OR
sophosweb_appliance_firmwareMatch3.5.2
OR
sophosweb_appliance_firmwareMatch3.5.3
OR
sophosweb_appliance_firmwareMatch3.5.4
OR
sophosweb_appliance_firmwareMatch3.5.5
OR
sophosweb_appliance_firmwareMatch3.5.6
OR
sophosweb_appliance_firmwareMatch3.6.1
OR
sophosweb_appliance_firmwareMatch3.6.1.1
OR
sophosweb_appliance_firmwareMatch3.6.2
OR
sophosweb_appliance_firmwareMatch3.6.2.1
OR
sophosweb_appliance_firmwareMatch3.6.2.3
OR
sophosweb_appliance_firmwareMatch3.6.2.4.0
OR
sophosweb_appliance_firmwareMatch3.6.2.4.1
OR
sophosweb_appliance_firmwareMatch3.6.3
OR
sophosweb_appliance_firmwareMatch3.6.4
OR
sophosweb_appliance_firmwareMatch3.6.4.1
OR
sophosweb_appliance_firmwareMatch3.6.4.2
OR
sophosweb_appliance_firmwareMatch3.7.0
OR
sophosweb_appliance_firmwareMatch3.7.1
OR
sophosweb_appliance_firmwareMatch3.7.2
OR
sophosweb_appliance_firmwareMatch3.7.3
OR
sophosweb_appliance_firmwareMatch3.7.4
OR
sophosweb_appliance_firmwareMatch3.7.5
OR
sophosweb_appliance_firmwareMatch3.7.6
OR
sophosweb_appliance_firmwareMatch3.7.7
OR
sophosweb_appliance_firmwareMatch3.7.8.1
OR
sophosweb_appliance_firmwareMatch3.7.8.2
OR
sophosweb_appliance_firmwareMatch3.8.0
OR
sophosweb_appliance_firmwareMatch3.8.1
AND
sophosweb_applianceMatch-
VendorProductVersionCPE
sophosweb_appliance_firmware3.7.8cpe:2.3:a:sophos:web_appliance_firmware:3.7.8:*:*:*:*:*:*:*
sophosweb_appliance_firmware*cpe:2.3:o:sophos:web_appliance_firmware:*:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.0cpe:2.3:o:sophos:web_appliance_firmware:3.0.0:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.1cpe:2.3:o:sophos:web_appliance_firmware:3.0.1:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.1.1cpe:2.3:o:sophos:web_appliance_firmware:3.0.1.1:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.2cpe:2.3:o:sophos:web_appliance_firmware:3.0.2:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.3cpe:2.3:o:sophos:web_appliance_firmware:3.0.3:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.4cpe:2.3:o:sophos:web_appliance_firmware:3.0.4:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.5cpe:2.3:o:sophos:web_appliance_firmware:3.0.5:*:*:*:*:*:*:*
sophosweb_appliance_firmware3.0.5.1cpe:2.3:o:sophos:web_appliance_firmware:3.0.5.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 771

Related

checkpoint_advisories 1
d2 1
packetstorm 2
cvelist 1
zdt 2
exploitdb 2
metasploit 1
prion 1
cve 1
nessus 1
exploitpack 1
coresecurity 1
seebug 1
securityvulns 2
openvas 1
dsquare 1
checkpoint_advisories
checkpoint_advisories
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution (CVE-2013-4983)
2013-10-15 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_SWA
2013-09-10 11:28:00
packetstorm
packetstorm
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
2013-09-17 00:00:00
Sophos Web Protection Appliance Command Injection
2013-09-07 00:00:00
cvelist
cvelist
CVE-2013-4983
2013-09-10 10:00:00
zdt
zdt
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
2013-09-17 00:00:00
Sophos Web Protection Appliance Command Injection Vulnerability
2013-09-07 00:00:00
exploitdb
exploitdb
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
2013-09-17 00:00:00
Sophos Web Protection Appliance - Multiple Vulnerabilities
2013-09-09 00:00:00
metasploit
metasploit
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
2013-09-10 04:26:10
prion
prion
Code injection
2013-09-10 11:28:00
cve
cve
CVE-2013-4983
2013-09-10 11:28:40
nessus
nessus
Sophos Web Protection Appliance Multiple Vulnerabilities
2013-09-26 00:00:00
exploitpack
exploitpack
Sophos Web Protection Appliance - Multiple Vulnerabilities
2013-09-09 00:00:00
coresecurity
coresecurity
Sophos Web Protection Appliance Multiple Vulnerabilities
2013-09-06 00:00:00
seebug
seebug
Sophos Web Protection Appliance - Multiple Vulnerabilities
2014-07-01 00:00:00
securityvulns
securityvulns
[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities
2013-09-11 00:00:00
Sophos Web Protection Appliance code execution
2013-09-11 00:00:00
openvas
openvas
Sophos Web Protection Appliance Multiple Vulnerabilities (Jul 2013) - Active Check
2013-09-09 00:00:00
dsquare
dsquare
Sophos Web Protection Appliance 3.8.1 RCE
2013-09-10 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.952

Percentile

99.4%

JSON
Related for NVD:CVE-2013-4983
checkpoint_advisories1d21packetstorm2cvelist1zdt2exploitdb2metasploit1prion1cve1nessus1exploitpack1coresecurity1seebug1securityvulns2openvas1dsquare1