
565 matches found

Positive Technologies
added 2022/12/01 12:0 a.m. · 2 views

PT-2022-23706 · Sophos · Sophos Firewall

Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 19.5 GA. Description: A post-auth code injection issue allows admins to execute code in the Webadmin of Sophos Firewall. This issue does not specify the estimated number of potentially affected devices worldwi...

CVSS 7.2 · AI score 7.2 · EPSS 0.00459
Exploits 0 · References 5
Vulnrichment
added 2022/12/01 12:0 a.m. · 12 views

CVE-2022-3696

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...

CVSS 7.2 · AI score 7.8 · EPSS 0.00459
Exploits 0 · References 1
Cvelist
added 2022/12/01 12:0 a.m. · 14 views

CVE-2022-3709

A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...

CVSS 6.8 · AI score 8.3 · EPSS 0.00264
Exploits 0 · References 1
Cvelist
added 2022/12/01 12:0 a.m. · 14 views

CVE-2022-3696

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...

CVSS 7.2 · AI score 7.4 · EPSS 0.00459
Exploits 0 · References 1
CNVD
added 2022/09/28 12:0 a.m. · 36 views

Sophos Firewall Code Execution Vulnerability

Sophos Firewall is a firewall from Sophos UK. A code execution vulnerability exists in Sophos Firewall 19.0.1 and prior versions, which fails to properly filter special elements of constructed snippets in User Portal and Webadmin. An attacker can exploit the vulnerability to cause arbitrary code...

CVSS 9.8 · AI score 9.7 · EPSS 0.92841
Exploits 0 · References 1
BDU FSTEC
added 2022/09/26 12:0 a.m. · 2 views

The vulnerability of the User Portal and Webadmin network interface components of Sophos allows a hacker to execute arbitrary code.

The vulnerability of the User Portal and Webadmin network interface components of Sophos is related to the possibility of injecting code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · EPSS 0.92841
Exploits 0 · References 3
NCSC
added 2022/09/26 12:0 a.m. · 4 views

Vulnerability fixed in Sophos Firewall

A vulnerability has been fixed in Sophos Firewall. The vulnerability is located in the User Portal and Webadmin of the Sophos Firewall. The vulnerability allows a remote malicious person to execute arbitrary code. Sophos has indicated that this vulnerability is being exploited on a limited...

CVSS 9.8 · AI score 7.1 · EPSS 0.92841
Exploits 0
IBM Security Bulletins
added 2022/09/25 8:45 p.m. · 22 views

Security bulletin: Multiple vulnerabilities in IBM's Netezza WebAdmin 6.0.5, 6.0.8 and 7.0 (CVE-2012-5760, CVE-2012-5761, CVE-2012-5762, CVE-2012-5763, CVE-2012-5940, CVE-2012-5941)

Abstract: Multiple vulnerabilities have been identified in the IBM Netezza WebAdmin application. Content: VULNERABILITY DETAILS: CVE ID: CVE-2012-5760. DESCRIPTION: Elements that could modify a SQL command are not neutralized correctly. The attack will not produce any visible outcome/output in the...

CVSS 6.8 · AI score 6.8 · EPSS 0.00256
Exploits 0 · Affected Software 1
The Hacker News
added 2022/09/24 5:3 a.m. · 89 views

Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released

Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 M...

CVSS 9.8 · AI score 0.9 · EPSS 0.94439
Exploits 9
OSV
added 2022/09/23 1:15 p.m. · 0 views

CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older...

CVSS 9.8 · AI score 6 · EPSS 0.92841
Exploits 0 · References 2
Prion
added 2022/09/23 1:15 p.m. · 20 views

Code injection

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older...

CVSS 7.5 · AI score 9.5 · EPSS 0.92841
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2022/09/23 12:50 p.m. · 13 views

CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older...

CVSS 9.8 · AI score 9.7 · EPSS 0.92841
Exploits 0 · References 1
CISA KEV Catalog
added 2022/09/23 12:0 a.m. · 58 views

Sophos Firewall Code Injection Vulnerability

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution...

CVSS 9.8 · AI score 3.1 · EPSS 0.92841
In wild · Exploits 0
Positive Technologies
added 2022/09/23 12:0 a.m. · 3 views

PT-2022-4853

Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to v19.0 MR1. Description: A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows a remote attacker to execute code. The vulnerability is being actively exploited by hackers in...

CVSS 9.8 · AI score 8.8 · EPSS 0.92841
Exploits 0 · References 73
ATTACKERKB
added 2022/09/23 12:0 a.m. · 197 views

CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. Recent assessments: cbeek-r7 at September 06, 2024 6:10pm UTC reported: On September 5th 2024, CISA released a security bulletin highlighting the...

CVSS 9.8 · AI score 9.8 · EPSS 0.92841
In wild · Exploits 0 · References 3
VulnCheck KEV
added 2022/09/16 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution...

CVSS 9.8 · AI score 7.7 · EPSS 0.92841
Exploits 0 · References 1
OSV
added 2022/09/07 6:15 p.m. · 1 views

CVE-2022-1807

Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1...

CVSS 7.2 · AI score 5.8 · EPSS 0.00336
Exploits 0 · References 2
NVD
added 2022/09/07 6:15 p.m. · 12 views

CVE-2022-1807

Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1...

CVSS 7.2 · EPSS 0.00336
Exploits 0 · References 2
Prion
added 2022/09/07 6:15 p.m. · 15 views

SQL injection

Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1...

CVSS 5.8 · AI score 7.3 · EPSS 0.00336
Exploits 0 · References 2 · Affected Software 1
CVE
added 2022/09/07 6:0 p.m. · 58 views

CVE-2022-1807

CVE-2022-1807 describes multiple SQL injection vulnerabilities in the Webadmin component of Sophos Firewall, enabling privilege escalation from admin to super-admin. Affected products/versions: Sophos Firewall Webadmin prior to 18.5 MR4 and prior to 19.0 MR1. Root cause: SQLi in Webadmin leading ...

CVSS 7.2 · AI score 7.3 · EPSS 0.00336
Exploits 0 · References 2 · Affected Software 1