Sophos has released a patch for its firewall product to fix a critical remote code execution vulnerability being exploited in the wild. Tracked as CVE-2022-3236, the vulnerability was discovered in the User Portal and Webadmin of Sophos Firewall. This is a code injection vulnerability that can allow remote code execution on the affected systems. … Continue reading “Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-3236)”
Tag: Sophos Firewall
Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)
Sophos has released an update to address a critical authentication bypass vulnerability (CVE-2022-1040) in Sophos Firewall. Successful exploitation of this vulnerability can lead to remote code execution. The vulnerability exists in the User Portal and Webadmin of Sophos Firewall. A remote attacker who gains access to the Firewall’s User Portal or the Webadmin interface … Continue reading “Sophos Firewall Remote Code Execution Vulnerability (CVE-2022-1040)”