CVE-2013-2642

Name of the Vulnerable Software and Affected Versions Sophos Web Appliance versions prior to 3.7.8.2

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page when using the user workstation variable in a customized template. Additionally, remote authenticated users can execute arbitrary commands via shell metacharacters in the url parameter to the Diagnostic Tools functionality or entries parameter to the Local Site List functionality.

Recommendations For Sophos Web Appliance versions prior to 3.7.8.2, update to version 3.7.8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Block page, Diagnostic Tools functionality, and Local Site List functionality to minimize the risk of exploitation. Avoid using the client-ip, url, and entries parameters in the affected functionalities until the issue is resolved.