CVE-2014-2850

Sophos Web Appliance Firmware < 3.8.2 - Authenticated OS Command Injection via Network Interface Address Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2850. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits CVE-2024-2850 by chaining a mass assignment vulnerability to change the admin password and a command injection flaw in the network interface configuration to achieve remote code execution as root on Sophos Web Protection Appliance.

Description

The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/32789

View Code ZIP pw:eip

This Metasploit module exploits CVE-2024-2850 by chaining a mass assignment vulnerability to change the admin password and a command injection flaw in the network interface configuration to achieve remote code execution as root on Sophos Web Protection Appliance.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Sophos Web Protection Appliance 3.8.1.1

Auth required

Prerequisites: Valid credentials for an authenticated user · Network access to the target appliance

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/66734

Vendor Advisory x_refsource_confirm

http://www.sophos.com/en-us/support/knowledgebase/120230.aspx

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-14-069/

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/32789

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/57706

Scores

EPSS 0.5757

EPSS Percentile 99.0%

Details

CWE

CWE-78

Status published

Products (50)

sophos/web_appliance

sophos/web_appliance_firmware 3.7.8

sophos/web_appliance_firmware 3.0.0

sophos/web_appliance_firmware 3.0.1

sophos/web_appliance_firmware 3.0.1.1

sophos/web_appliance_firmware 3.0.2

sophos/web_appliance_firmware 3.0.3

sophos/web_appliance_firmware 3.0.4

sophos/web_appliance_firmware 3.0.5

sophos/web_appliance_firmware 3.0.5.1

... and 40 more

Published Apr 11, 2014

Tracked Since Feb 18, 2026