Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3236 | 1 Sophos | 1 Firewall | 2022-09-28 | N/A | 9.8 CRITICAL |
| A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. | |||||
| CVE-2022-1807 | 1 Sophos | 1 Firewall | 2022-09-12 | N/A | 7.2 HIGH |
| Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1. | |||||
| CVE-2021-25268 | 1 Sophos | 2 Firewall, Firewall Firmware | 2022-05-12 | 6.0 MEDIUM | 8.4 HIGH |
| Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA. | |||||
| CVE-2021-25267 | 1 Sophos | 2 Firewall, Firewall Firmware | 2022-05-12 | 8.5 HIGH | 8.4 HIGH |
| Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA. | |||||