CVE-2022-3696

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sophos:xg_firewall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sophos:xg_firewall:-:*:*:*:*:*:*:*

Information

Published : 2022-12-01 10:15

Updated : 2022-12-05 11:06


NVD link : CVE-2022-3696

Mitre link : CVE-2022-3696


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

sophos

  • xg_firewall
  • xg_firewall_firmware