CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-25267
https://notcve.org/view.php?id=CVE-2021-25267
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 19.0 GA. Múltiples vulnerabilidades de tipo XSS en Webadmin permiten una escalada de privilegios de admin a super-admin en Sophos Firewall versiones anteriores a 19.0 GA • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2020-17352
https://notcve.org/view.php?id=CVE-2020-17352
Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code. Dos vulnerabilidades de inyección de comandos de Sistema Operativo en el portal de Usuario de Sophos XG Firewall hasta el 05-08-2020, permiten potencialmente a un atacante autenticado ejecutar código arbitrario remotamente • https://community.sophos.com/b/security-blog https://community.sophos.com/b/security-blog/posts/advisory-resolved-authenticated-rce-issues-in-user-portal-cve-2020-17352 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2020-15504
https://notcve.org/view.php?id=CVE-2020-15504
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other versions >= 17.0 have received a hotfix. Una vulnerabilidad de inyección SQL en las interfaces web de usuario y administrador de Sophos XG Firewall versiones v18.0 MR1 y anteriores, permite potencialmente a un atacante ejecutar código arbitrario remotamente. La corrección está incorporada en el relanzamiento de XG Firewall versión v18 MR-1 (llamado MR-1-Build396) y la versión v17.5 MR13. • https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-via-sqli-cve-2020-15504 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 14EXPL: 0CVE-2020-15069
https://notcve.org/view.php?id=CVE-2020-15069
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x. Sophos XG Firewall versiones 17.x hasta v17.5 MR12, permite un desbordamiento de búfer y una ejecución de código remota por medio de la funcionalidad HTTP/S Bookmarks para acceso sin cliente. La Hotfix HF062020.1 fue publicada para todos los firewalls que ejecutan versión v17.x • https://community.sophos.com/b/security-blog/posts/advisory-buffer-overflow-vulnerability-in-user-portal • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2020-11503
https://notcve.org/view.php?id=CVE-2020-11503
A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an attacker to run arbitrary code remotely. Un desbordamiento de búfer en la región heap de la memoria en el componente awarrensmtp de Sophos XG Firewall versiones v17.5 MR11 y anteriores, permite potencialmente a un atacante ejecutar código arbitrario remotamente • https://community.sophos.com/b/security-blog/posts/advisory-potential-rce-through-heap-overflow-in-awarrensmtp-cve-2020-11503 • CWE-787: Out-of-bounds Write •