The /opt/cma/bin/clear_keys.pl Perl script in Sophos Web Protection Appliance, which can be executed by the 'spiderman' user with the sudo command without password, is prone to an OS command injection vulnerability, because its close_connections() function does not escape the second argument of the script before using it within a string that will be executed as a command by using backticks. This vulnerability can be abused to escalate privileges within the appliance from 'spiderman' to root.
CVE Link
Exploit Platform
Exploit Type
Product Name