Exploit for Sophos Web Appliance UsrBlocked.php command injection CVE-2023-1671

## https://sploitus.com/exploit?id=SAINT:A0B3E7D7988B6E0CEE8B6F6D9BF4E0A6
Added: 11/24/2023  
CVE: CVE-2023-1671  


### Background

Sophos Web Appliance is a web proxy providing HTTP security. 

### Problem

A vulnerability in `**UsrBlocked.php**` allows remote attackers to inject arbitrary commands into an HTTP request. 

### Resolution

Upgrade to Sophos Web Appliance 4.3.10.4 or higher. 

### References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce   
https://vulncheck.com/blog/cve-2023-1671-analysis