Sfos

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.

Published: 2022-03-25T12:10:10.000Z
Updated: 2025-10-21T23:15:43.601Z

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.

Published: 2022-03-29T00:30:13.000Z
Updated: 2024-08-02T23:25:40.012Z

A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an attacker to run arbitrary code remotely.

Published: 2020-06-18T15:25:29.000Z
Updated: 2024-08-04T11:35:12.730Z

A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows remote attackers to execute arbitrary OS commands via shell metachracters in the "X-Forwarded-for" HTTP header.

Published: 2019-06-20T16:02:54.000Z
Updated: 2024-08-05T10:17:38.154Z

A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter.

Published: 2019-06-20T16:06:13.000Z
Updated: 2024-08-05T10:17:37.633Z

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protection") in the webadmin interface, and execute any action available to the webadmin of the firewall (e.g., creating a new user, enabling SSH, or adding an SSH authorized key). The WAF log page will execute the "User-Agent" parameter in the HTTP POST request.

Published: 2018-01-12T17:00:00.000Z
Updated: 2024-08-05T21:06:50.119Z