CVE-2020-29574β€”CyberoamOS (CROS) SQL Injection Vulnerability

PUBLISHEDvulnerability record
2025-02-06 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2020-29574
Project:
Sophos
Product:
CyberoamOS
Date Added:
2025-02-06
Due Date:
2025-02-27
Last Updated:
June 21, 2025

Vulnerability Name

CyberoamOS (CROS) SQL Injection Vulnerability

Description

CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.

Additional Notes

Related News Articles

Related Weaknesses