An authentication bypass vulnerability in the User Portal and Webadmin allows a remote malicious user to execute code in Sophos Firewall version v18.5 MR3 and older.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos sfos |
Get our weekly newsletter Authentication bypass followed by remote-code execution at the network boundary Sophos: Log4Shell would have been a catastrophe without the Y2K-esque mobilisation of engineers
Sophos has patched a remote code execution (RCE) vulnerability in its firewall gear that was disclosed via its bug-bounty program. The supplier wrote in a brief notice on Friday that an authentication bypass flaw can be potentially exploited over the network or internet by miscreants to execute malicious code on a victim's equipment, hijacking it effectively. The flaw is present in the User Portal and Webadmin user interfaces of Sophos Firewall. This product, using its Xstream architecture, is s...
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Code-injection bug in your network security... mmm, yum yum
A critical code-injection vulnerability in Sophos Firewall has been fixed — but not before miscreants found and exploited the bug. The flaw, tracked as CVE-2022-3236, exists in the User Portal and Webadmin components of the firewall in versions 19.0 and older. While it hasn't been issued a CVSS severity score, Sophos deemed it "critical" and noted that it allowed for remote code execution. "Sophos has observed this vulnerability being used to target a small set of specific organizations, ...