CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-3236

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.927

EPSS Ranking 99.7%

CVSS Severity

CVSS v3 Score 9.8

Proposed Action

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Ransomware Campaign

Unknown

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

Products affected by CVE-2022-3236

Sophos » Firewall » Version: 19.0.1

cpe:2.3:a:sophos:firewall:19.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-3236

Products

Pricing

Contact Us