Known Vulnerabilities for Web Appliance by Sophos
Listed below are 10 of the newest known vulnerabilities associated with "Web Appliance" by "Sophos".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
More device details and information can be found at device.report here: Sophos Web Appliance
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42930 json | When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance m... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-41217 json | A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resou... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-40061 json | When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command t... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-34176 json | When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl RES... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-32673 json | A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator o... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-27101 json | Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper L... | Not Provided | 2026-04-01 | 2026-04-02 |
| CVE-2026-24464 json | When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may ... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-20152 json | A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an... | Not Provided | 2026-04-15 | 2026-04-16 |
| CVE-2026-20106 json | A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Securi... | Not Provided | 2026-03-04 | 2026-03-11 |
| CVE-2026-20105 json | A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Softwar... | Not Provided | 2026-03-04 | 2026-03-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sophos | Web Appliance | 4.3.1.1 | |||
| Application | Sophos | Web Appliance | 3.8.1 | |||
| Application | Sophos | Web Appliance | 3.8.0 | |||
| Application | Sophos | Web Appliance | 3.7.9 | |||
| Application | Sophos | Web Appliance | 3.7.8.2 | |||
| Application | Sophos | Web Appliance | 3.7.8.1 | |||
| Application | Sophos | Web Appliance | 3.7.8 | |||
| Application | Sophos | Web Appliance | 3.7.7 | |||
| Application | Sophos | Web Appliance | 3.7.6 | |||
| Application | Sophos | Web Appliance | 3.7.5 | |||
| Application | Sophos | Web Appliance | 3.7.4 | |||
| Application | Sophos | Web Appliance | 3.7.3 | |||
| Application | Sophos | Web Appliance | 3.7.2 | |||
| Application | Sophos | Web Appliance | 3.7.1 | |||
| Application | Sophos | Web Appliance | 3.7.0 | |||
| Application | Sophos | Web Appliance | 3.6.4.2 | |||
| Application | Sophos | Web Appliance | 3.6.4.1 | |||
| Application | Sophos | Web Appliance | 3.6.4 | |||
| Application | Sophos | Web Appliance | 3.6.3 | |||
| Application | Sophos | Web Appliance | 3.6.2.4.1 |