CVE-2023-1671CISA KEVEPSS p100.0%

CVE-2023-1671Sophos Web Appliance Command Injection Vulnerability

Sophos / Web Appliance

Description

Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.

Scoring

EPSS100.00% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-11-16

(incoming)1

TypeTargetConfidenceTier
KEVEntrySophos Web Appliance Command Injection Vulnerabilitykev-cve-2023-16710%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Sophos Firewall Code Injection Vulnerability
CVE
Sophos Firewall Authentication Bypass Vulnerability
CVE
Sophos SG UTM Remote Code Execution Vulnerability
CVE
Sophos SFOS SQL Injection Vulnerability
CVE
SonicWall SMA100 Appliances OS Command Injection Vulnerability
CVE
CVE-2026-20910
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.