Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Xg Firewall Firmware Security Vulnerabilities - 2020

cve
cve

CVE-2020-15069

Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.

9.8CVSS

9.8AI Score

0.01EPSS

2020-06-29 06:15 PM
38
cve
cve

CVE-2020-15504

A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other versio...

9.8CVSS

9.6AI Score

0.001EPSS

2020-07-10 05:15 PM
37
cve
cve

CVE-2020-17352

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.

8.8CVSS

9AI Score

0.002EPSS

2020-08-07 08:15 PM
51