Sophos XG Firewall User Portal and Webadmin Authentication Bypass (CVE-2022-1040)
CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...
CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...
Design/Logic Flaw
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA...
Design/Logic Flaw
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...
CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...
CVE-2021-25268
CVE-2021-25268 describes multiple XSS flaws in Sophos Firewall Webadmin that enable privilege escalation from a MySophos admin to an SFOS admin on systems running Sophos Firewall older than version 19.0 GA. The root cause is XSS in the Webadmin interface leading to higher-privilege access. Docume...
CVE-2021-25267
CVE-2021-25267: Multiple XSS vulnerabilities in Sophos Firewall Webadmin allow privilege escalation from admin to super-admin on SFOS versions older than 19.0 GA. The issue is public in the CVE record and is referenced by multiple external advisories. Affected component: Webadmin (Sophos Firewal...
CVE-2021-25267
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA...
Sophos Firewall Cross-Site Scripting Vulnerability
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 19.0 GA that allows an attacker to escalate privileges from Administrator to Super Administrator in Webadmin of Sophos Firewall...
Sophos Firewall Cross-Site Scripting Vulnerability
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 19.0 GA that allows an attacker to escalate privileges from MySophos Administrator to SFOS Administrator in the Webadmin of Sophos Firewall...
Sophos XG Firewall <= 18.5.3 RCE
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Sophos Firewall Authentication Bypass Vulnerability
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution...
Sophos Firewall RCE vulnerability actively exploited
THREAT LEVEL: Amber. A security researcher has discovered an authentication bypass vulnerability that resides in the User Portal and Webadmin areas of Sophos Firewall. Attackers are actively exploiting this vulnerability to attack enterprises in...
CVE-2022-0331
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older...
CVE-2022-0331
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older...
Information disclosure
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older...
CVE-2022-0331
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older...
CVE-2022-0331
The CVE-2022-0331 entry describes an information-disclosure in Sophos Firewall Webadmin, allowing an unauthenticated remote attacker to read the device serial number on v18.5 MR2 and older. Affected component: Webadmin on Sophos Firewall. Root cause: information-disclosure in the Webadmin interfa...
Sophos Firewall Information Disclosure Vulnerability
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall version v18.5 MR2 and earlier, which stems from an information disclosure vulnerability in Webadmin that could allow an unauthenticated, remote attacker to read device serial numbers...