Vulnerability Details CVE-2022-1040
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.944
EPSS Ranking 100.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html
- https://www.exploit-db.com/exploits/51006
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
- http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html
- https://www.exploit-db.com/exploits/51006
- https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
Products affected by CVE-2022-1040
-
cpe:2.3:o:sophos:sfos:15.01.0
-
cpe:2.3:o:sophos:sfos:16.5
-
cpe:2.3:o:sophos:sfos:17.0
-
cpe:2.3:o:sophos:sfos:17.1
-
cpe:2.3:o:sophos:sfos:17.5
-
cpe:2.3:o:sophos:sfos:18.0
-
cpe:2.3:o:sophos:sfos:18.5.2
-
cpe:2.3:o:sophos:sfos:18.5.3