Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos sfos 17.0 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2018-16118
A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows remote malicious users to execute arbitrary OS commands via shell metachracters in the "X-Forwarded-for" HTTP header.
Sophos Sfos 17.0
Sophos Sfos 17.0.8
Sophos Sfos 17.1
Sophos Sfos
Sophos Sfos 16.5
7.5
CVSSv2
CVE-2020-12271
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 prior to 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone...
Sophos Sfos 17.1
Sophos Sfos 17.0
Sophos Sfos 18.0
Sophos Sfos 17.5
4.3
CVSSv2
CVE-2017-18014
An NC-25986 issue exists in the Logging subsystem of Sophos XG Firewall with SFOS prior to 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protect...
Sophos Sfos
Sophos Sfos 17.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started