CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12729
https://notcve.org/view.php?id=CVE-2024-12729
19 Dec 2024 — A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12728
https://notcve.org/view.php?id=CVE-2024-12728
19 Dec 2024 — A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3). • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce • CWE-1391: Use of Weak Credentials •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12727
https://notcve.org/view.php?id=CVE-2024-12727
19 Dec 2024 — A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8885
https://notcve.org/view.php?id=CVE-2024-8885
02 Oct 2024 — A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe • CWE-502: Deserialization of Untrusted Data CWE-1104: Use of Unmaintained Third Party Components •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36806
https://notcve.org/view.php?id=CVE-2021-36806
30 Nov 2023 — A reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on Sophos Email Appliance older than version 4.5.3.4. Una vulnerabilidad XSS reflejada permite una redirección abierta cuando la víctima hace clic en un enlace malicioso a una página de error en Sophos Email Appliance anterior a la versión 4.5.3.4. • https://community.sophos.com/email-appliance/b/blog/posts/sophos-email-appliance-version-4-5-3-4-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5552
https://notcve.org/view.php?id=CVE-2023-5552
17 Oct 2023 — A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. Una vulnerabilidad de divulgación de contraseña en la función Secure PDF eXchange (SPX) permite a atacantes con acceso completo al correo electrónico descifrar archivos PDF en Sophos Firewall versión 19.5 MR3 (19.5.3) y anteriores, si el tipo de contraseña está configu... • https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33335
https://notcve.org/view.php?id=CVE-2023-33335
05 Jul 2023 — Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed. • https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-%28XSS%29-in-Sophos-iView.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33336
https://notcve.org/view.php?id=CVE-2023-33336
30 Jun 2023 — Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes. • https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-%28XSS%29-in-Sophos-Web-Appliance-4.1.1-0.9.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 94%CPEs: 1EXPL: 7CVE-2023-1671 – Sophos Web Appliance Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-1671
04 Apr 2023 — A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. Sophos Web Appliance version 4.3.10.4 suffers from a pre-authentication command injection vulnerability. Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution. • https://packetstorm.news/files/id/172016 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4934
https://notcve.org/view.php?id=CVE-2022-4934
04 Apr 2023 — A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •