Published Vulnerabilities

Cyberoam UTM – Manually SQL Injection Exploitation

With the release of the bug for Cyberoam UTM Appliance we wanted to give a detailed write up on the vulnerability. Benjamin Kunz Mejri & Pim J.F.P. Campers penetrated manually some month ago the security appliance cyberoam. Both detected (auth) a critical sql injection vulnerability. Before going indepth on the vulnerability first an description on what this product actually is an does.