Friday, April 7, 2017

CVE-2016-7786 - Sophos Cyberoam UTM - Privilege Escalation

In this small article I am going to share one of my zero day that I found a while back ago in Sophos Cyberoam UTM device.
Here are the vulnerability details:
# Exploit Title: Privilege Escalation
# Date Discovered: 31/08/2016
# Vendor Homepage:
# Version: Cyberoam CR25iNG - 10.6.3 MR-5
# CVE : CVE-2016-7786

Cyberoam company is acquired by Sophos. Cyberoam provides many security solution. One of them is hardware UTM devices. I have found flaw particularly in CR25iNG - 10.6.3 MR-5 model of their UTM device.

Detailed explanation of the issue is mentioned in following video: