Sophos Cyberoam CR35iNG UTM Firmware 10.6.2 Build 378
Approved changes feed: RSS · Atom
cpe:2.3:o:sophos:cyberoam_cr35ing_utm_firmware:10.6.2_build_378:*:*:*:*:*:*:*
part: o version: 10.6.2_build_378 update: *
| Vendor | Sophos (a481dca1-298d-56ee-9d5c-373f6e8cead2) |
|---|---|
| Product | Cyberoam Cr35Ing Utm Firmware (ae4acf2f-6384-5902-95aa-59547ce7b002) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-3968 |
vulnerable | 2026-06-03 14:35:46.905337 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.
Published: 2016-04-06T18:00:00.000Z
Updated: 2024-09-16T16:13:30.004Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.