SAINT Corporation SAINT:4A73A5CD7FE341977E86117842CBB67D
Aug 27, 2021 - 12:00 a.m.

Sophos UTM Webadmin remote command execution

2021-08-27 00:00:00
SAINT Corporation
my.saintcorporation.com

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 10 High

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.975 High
Percentile: 100.0%

Added: 08/27/2021

Background

Sophos UTM is a network security appliance.

Problem

A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request.

Resolution

Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 or higher.

References

<https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223>
<https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223>

Limitations

Exploit works on Sophos UTM v9.701 and possibly other versions.

Platforms

Linux
