Lucene search
K

18 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.153 views

Sophos Firewall <=18.5 MR3 - Remote Code Execution

Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code. id: CVE-2022-1040 info: name: Sophos Firewall =18.5 MR4 to mitigate this vulnerability. reference: -...

9.8CVSS9AI score0.99796EPSS
Exploits9References5
The Hacker News
The Hacker News
added 2024/11/08 2:2 p.m.100 views

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...

10CVSS10AI score0.99999EPSS
Exploits366
GithubExploit
GithubExploit
added 2022/10/07 2:44 p.m.167 views

Exploit for CVE-2022-1040

Environment In Python Environment3.10 python3.10 It...

9.8CVSS9.9AI score0.99796EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/09/26 12:14 p.m.82 views

Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor

A China-aligned advanced persistent threat actor known as TA413 weaponized recently disclosed flaws in Sophos Firewall and Microsoft Office to deploy a never-before-seen backdoor called LOWZERO as part of an espionage campaign aimed at Tibetan entities. Targets primarily consisted of organization...

9.8CVSS8.6AI score0.99796EPSS
Exploits71
0day.today
0day.today
added 2022/09/02 12:0 a.m.346 views

Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Vulnerability

Aryan Chehreghani Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to...

9.8CVSS0.4AI score0.99796EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/09/02 12:0 a.m.137 views

Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass

Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Date: 2022-08-04 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to...

9.8CVSS9.8AI score0.99796EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/08/10 12:0 a.m.471 views

Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass

Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Date: 2022-08-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to...

9.8CVSS0.8AI score0.99796EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/07/21 12:2 p.m.84 views

Hackers Target Ukrainian Software Company Using GoMet Backdoor

A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known ...

10CVSS1.5AI score0.99999EPSS
Exploits69
Talos Blog
Talos Blog
added 2022/07/21 12:0 p.m.377 views

Attackers target Ukraine using GoMet backdoor

Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed at a large software...

10CVSS0.4AI score0.99999EPSS
Exploits69
The Hacker News
The Hacker News
added 2022/06/17 9:39 a.m.755 views

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat APT actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implemented an interesting web...

9.8CVSS10AI score0.99999EPSS
Exploits85
Check Point Advisories
Check Point Advisories
added 2022/05/24 12:0 a.m.26 views

Sophos MR3 Firewall Remote Code Execution (CVE-2022-1040)

A remote code execution vulnerability exists in Sophos MR3 Firewall. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.99796EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2022/05/13 12:0 a.m.418 views

Sophos XG Firewall User Portal and Webadmin Authentication Bypass (CVE-2022-1040)

Binary data sophosxgfirewallcve-2022-1040.nbin...

9.8CVSS9.9AI score0.99796EPSS
Exploits9References4
hivepro
hivepro
added 2022/03/30 1:16 p.m.110 views

Sophos Firewall RCE vulnerability actively exploited

THREAT LEVEL: Amber For a detailed advisory, download the pdf file here A security researcher has discovered an authentication bypass vulnerability that resides in the User Portal and Webadmin areas of Sophos Firewall. Attackers are actively exploiting this vulnerability to attack enterprises in...

7.5CVSS2.1AI score0.99796EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/03/29 10:32 a.m.61 views

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks. The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions...

9.8CVSS1.8AI score0.99796EPSS
Exploits9
Circl
Circl
added 2022/03/25 3:30 p.m.14 views

CVE-2022-1040

creationtimestamp| type| source ---|---|--- 2022-03-25 15:30:39+00:00| seen| https://t.me/cibsecurity/39533 2022-03-27 14:33:12+00:00| seen| https://t.me/BleepingComputer/11671 2022-03-27 19:17:05+00:00| seen| https://t.me/cKure/9191 2022-03-28 10:46:00+00:00| exploited|...

9.8CVSS7.5AI score0.99796EPSS
Exploits9References41
NVD
NVD
added 2022/03/25 12:15 p.m.26 views

CVE-2022-1040

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older...

9.8CVSS0.99796EPSS
Exploits9References4
Vulnrichment
Vulnrichment
added 2022/03/25 12:10 p.m.11 views

CVE-2022-1040

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older...

9.8CVSS9.9AI score0.99796EPSS
Exploits9References3
ATTACKERKB
ATTACKERKB
added 2022/03/25 12:0 a.m.275 views

CVE-2022-1040

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. Recent assessments: jbaines-r7 at April 15, 2022 7:28pm UTC reported: On March 25, 2022, Sophos published a critical security advisory fo...

9.8CVSS10AI score0.99796EPSS
In wildExploits9References5
Rows per page
Query Builder