VYPR
Unrated severityNVD Advisory· Published Oct 7, 2014· Updated Jun 17, 2026

CVE-2014-5502

CVE-2014-5502

Description

The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:o:cyberoam:cyberoam_os:*:ga:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:cyberoam:cyberoam_os:*:ga:*:*:*:*:*:*range: <=10.4
    • cpe:2.3:o:cyberoam:cyberoam_os:*:rc4:*:*:*:*:*:*range: <=10.6.1
  • Sophos/Cyberoamllm-fuzzy
    Range: <10.6.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.