CVE-2013-4983
Sophos Web Appliance <3.7.9.1, <3.8.1.1 - Command Injection
Title source: llmDescription
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/28334
metasploit
WORKING POC
EXCELLENT
by Francisco Falcon, juan vazquez · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/sophos_wpa_sblistpack_exec.rb
Scores
EPSS
0.9272
EPSS Percentile
99.8%
Details
CWE
CWE-78
Status
published
Products (50)
sophos/web_appliance_firmware
3.7.8
sophos/web_appliance_firmware
3.0.0
sophos/web_appliance_firmware
3.0.1
sophos/web_appliance_firmware
3.0.1.1
sophos/web_appliance_firmware
3.0.2
sophos/web_appliance_firmware
3.0.3
sophos/web_appliance_firmware
3.0.4
sophos/web_appliance_firmware
3.0.5
sophos/web_appliance_firmware
3.0.5.1
sophos/web_appliance_firmware
3.1.0
... and 40 more
Published
Sep 10, 2013
Tracked Since
Feb 18, 2026