Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sophos firewall vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware
NA
CVE-2022-3710
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA.
Sophos Xg Firewall Firmware
6.5
CVSSv2
CVE-2018-16116
SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated malicious users to execute arbitrary SQL commands via the "username" GET parameter.
Sophos Sfos 17.0.8
5
CVSSv2
CVE-2004-2252
The firewall in Astaro Security Linux prior to 4.024 sends responses to SYN-FIN packets, which makes it easier for remote malicious users to obtain information about the system and construct specialized attacks.
Sophos Astaro Security Linux
4.3
CVSSv2
CVE-2016-9834
An XSS vulnerability allows remote malicious users to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware up to and including 10.6.4. User interaction is required to exploit this vulnerability in that the target must ...
Sophos Cyberoam Firmware
1 EDB exploit
NA
CVE-2017-12854
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
1 EDB exploit
7.5
CVSSv2
CVE-2015-6811
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter to login.xml.
Cyberoam Cyberoamos 10.6.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3