Unrated severityNVD Advisory· Published Oct 7, 2014· Updated Jun 17, 2026
CVE-2014-5502
CVE-2014-5502
Description
The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:o:cyberoam:cyberoam_os:*:ga:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:cyberoam:cyberoam_os:*:ga:*:*:*:*:*:*range: <=10.4
- cpe:2.3:o:cyberoam:cyberoam_os:*:rc4:*:*:*:*:*:*range: <=10.6.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.