Open Reverse Proxy Vulnerability in Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control

CVE-2016-6597 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote attackers to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability.

Learn more about our Web App Pen Testing.