CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7249 – Comodo Firewall Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7249
Comodo Firewall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the application to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-954 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42552
https://notcve.org/view.php?id=CVE-2023-42552
Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall. Vulnerabilidad de secuestro de intención implícita en la aplicación Firewall anterior a las versiones 12.1.00.24 en Android 11, 13.1.00.16 en Android 12 y 14.1.00.7 en Android 13 permite que una aplicación de terceros altere la base de datos del Firewall. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5552
https://notcve.org/view.php?id=CVE-2023-5552
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. Una vulnerabilidad de divulgación de contraseña en la función Secure PDF eXchange (SPX) permite a atacantes con acceso completo al correo electrónico descifrar archivos PDF en Sophos Firewall versión 19.5 MR3 (19.5.3) y anteriores, si el tipo de contraseña está configurado en "Especificado por el remitente". • https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 9.8EPSS: 12%CPEs: 1EXPL: 0CVE-2022-3236 – Sophos Firewall Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-3236
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. Una vulnerabilidad de inyección de código en User Portal and Webadmin permite a un atacante remoto ejecutar código en Sophos Firewall versiones v19.0 MR1 y anteriores. A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-1807
https://notcve.org/view.php?id=CVE-2022-1807
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1. Múltiples vulnerabilidades SQLi en Webadmin permiten una escalada de privilegios de administrador a superadministrador en Sophos Firewall versiones anteriores a versión 18.5 MR4 y versión 19.0 MR1 • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4 https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •