What is the severity of CVE-2016-9554?

CVE-2016-9554 has been assigned a medium severity rating due to the potential for remote command injection.

How do I fix CVE-2016-9554?

To fix CVE-2016-9554, update the Sophos Web Appliance to version 4.3.1 or later.

What systems are affected by CVE-2016-9554?

CVE-2016-9554 affects the Sophos Web Appliance version 4.2.1.3.

Can CVE-2016-9554 be exploited remotely?

Yes, CVE-2016-9554 can be exploited remotely through the web administrative interface.

What component is responsible for the vulnerability in CVE-2016-9554?

The vulnerability in CVE-2016-9554 resides in the MgrDiagnosticTools.php component of the Sophos Web Appliance.

Vulnerability/
CVE-2016-9554

critical

CWE

28/1/2017

6/8/2024

CVE-2016-9554: Command Injection

First published: Sat Jan 28 2017(Updated: )

The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Sophos Web Appliance Firmware	=4.2.1.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-9554?
CVE-2016-9554 has been assigned a medium severity rating due to the potential for remote command injection.
How do I fix CVE-2016-9554?
To fix CVE-2016-9554, update the Sophos Web Appliance to version 4.3.1 or later.
What systems are affected by CVE-2016-9554?
CVE-2016-9554 affects the Sophos Web Appliance version 4.2.1.3.
Can CVE-2016-9554 be exploited remotely?
Yes, CVE-2016-9554 can be exploited remotely through the web administrative interface.
What component is responsible for the vulnerability in CVE-2016-9554?
The vulnerability in CVE-2016-9554 resides in the MgrDiagnosticTools.php component of the Sophos Web Appliance.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/references
agent/author
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/sophos
canonical/sophos web appliance firmware
version/sophos web appliance firmware/4.2.1.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.