CVE-2013-4984
Sophos Web Appliance <3.7.9.1, <3.8-3.8.1.1 - Privilege Escalation
Title source: llmDescription
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocallinux
https://www.exploit-db.com/exploits/28332
exploitdb
WORKING POC
VERIFIED
by Core Security · textwebappslinux
https://www.exploit-db.com/exploits/28175
metasploit
WORKING POC
EXCELLENT
by Francisco Falcon, juan vazquez · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/sophos_wpa_clear_keys.rb
Scores
EPSS
0.0777
EPSS Percentile
92.0%
Details
CWE
CWE-78
CWE-264
Status
published
Products (50)
sophos/web_appliance
3.0.0
sophos/web_appliance
3.0.1
sophos/web_appliance
3.0.1.1
sophos/web_appliance
3.0.2
sophos/web_appliance
3.0.3
sophos/web_appliance
3.0.4
sophos/web_appliance
3.0.5
sophos/web_appliance
3.0.5.1
sophos/web_appliance
3.1.0
sophos/web_appliance
3.1.0.1
... and 40 more
Published
Sep 10, 2013
Tracked Since
Feb 18, 2026