CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023.
CVE-2023-1671 is a pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance that allows attackers to execute arbitrary code.
Sophos Web Appliance is a web gateway appliance that functions as a web proxy and scans potentially harmful content for numerous forms of malware.
The vulnerability was disclosed in early April by an external security researcher through the Sophos bug bounty program. It affected all versions of the appliances prior to version 18.104.22.168.