2 matches found
CVE-2024-13973
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 21.0.1 can potentially lead to administrators achieving arbitrary code execution...
Sophos XG firewall API Configuration component shell escape vulnerability
Sophos XG firewall is a next-generation endpoint protection and enterprise-class firewall product from Sophos UK.API Configuration is one of the API configuration components. A security vulnerability exists in the /webconsole/APIController of the API Configuration component in Sophos XG firewall...