Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)


CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023.

About CVE-2023-1671

CVE-2023-1671 is a pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance that allows attackers to execute arbitrary code.

Sophos Web Appliance is a web gateway appliance that functions as a web proxy and scans potentially harmful content for numerous forms of malware.

The vulnerability was disclosed in early April by an external security researcher through the Sophos bug bounty program. It affected all versions of the appliances prior to version

Read more…