417 matches found
Default credentials
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710...
Sql injection
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710...
CVE-2022-0652
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710...
CVE-2022-0652
Sophos UTM vulnerability CVE-2022-0652 involves insecure permissions on Confd log files containing SHA512crypt password hashes for local users (including root). A local attacker could perform offline brute-force attacks on these hashes. Affected products are Sophos UTM versions prior to 9.710. Re...
CVE-2022-0386
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710...
CVE-2022-0386
CVE-2022-0386 is a post-auth SQL injection vulnerability in Sophos UTM’s Mail Manager. The issue could allow an authenticated attacker to execute code on affected appliances, prior to version 9.710. Evidence from multiple sources confirms the vulnerability in Sophos UTM, with CVSS data indicating...
Vulnerabilities fixed in Sophos SG UTM
Vulnerabilities have been fixed in Sophos SG UTM. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS SQL Injection Access to sensitive data Sophos has fixed the vulnerabilities in SG UTM version 9.710. More...
Stormshield Network Security Code Issue Vulnerability
Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from Stormshield France. Stormshield Network Security SNS suffers from a code issue vulnerability that stems from the first SSH password change not properly clearing the old password under certain update...
Vulnerability fixed in Sophos SG UTM
A SQL injection vulnerability has been fixed in the user portal of Sophos SG UTM. An authenticated user could potentially execute arbitrary code. Sophos has released updates to fix the vulnerabilities. For more information, see: https://www.sophos.com/en-us/security-advisories...
Code injection
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8...
CVE-2021-36807
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8...
CVE-2021-36807
Sophos SG UTM (user portal) is affected by an SQL injection vulnerability that allows an authenticated user to potentially execute code. Root cause: improper SQL handling in the user portal before version 9.708 MR8. Impact: authenticated code execution with high severity; affects confidentiality,...
Sophos SG UTM SQL注入漏洞
Sophos SG UTM is a security gateway from Sophos UK. The product is used to protect computer nodes on a local area network. A security vulnerability exists in the user portal prior to SG UTM version 9.708 MR8, through which an authenticated user may be able to execute code...
Weak password vulnerability in Huawei USG2210E
The USG2210E Security Gateway is a new generation firewall/UTM appliance designed for small and medium-sized businesses/branch offices. A weak password vulnerability exists in Huawei USG2210E, which can be exploited by attackers to obtain sensitive information...
The vulnerability of the UserGate UTM corporate network interface of UserGate D500 allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the UserGate UTM corporate network interface of UserGate D500 exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...
Sophos UTM WebAdmin SID Command Injection
This module exploits an SID-based command injection in Sophos UTM's WebAdmin interface to execute shell commands as the root user. Module Options msf use exploit/linux/http/sophosutmwebadminsidcmdinjection msf exploitsophosutmwebadminsidcmdinjection show targets ...targets... msf...
Sophos UTM WebAdmin SID Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sophos UTM WebAdmin SID Command Injection', 'Description' = %q This module exploits an SID-based command injection in Sophos UTM's WebAdmin...
Exploit for OS Command Injection in Sophos Unified_Threat_Management
CVE-2020-25223 A PoC script for testing CVE-2020-2...
Sophos UTM Webadmin remote command execution
Added: 08/27/2021 Background Sophos UTM is a network security appliance. Problem A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request. Resolution Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 ...
Sophos UTM Webadmin remote command execution
Added: 08/27/2021 Background Sophos UTM is a network security appliance. Problem A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request. Resolution Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 ...