Sophos · Sophos SG UTM · CVE-2020-25223
**Name of the Vulnerable Software and Affected Versions**
Sophos SG UTM versions prior to v9.705 MR5
Sophos SG UTM versions prior to v9.607 MR7
Sophos SG UTM versions prior to v9.511 MR11
**Description**
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM. It is an OS command injection flaw: WebAdmin fails to neutralize special elements used in operating system commands. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands.
**Recommendations**
For versions prior to v9.705 MR5, update to v9.705 MR5 or later.
For versions prior to v9.607 MR7, update to v9.607 MR7 or later.
For versions prior to v9.511 MR11, update to v9.511 MR11 or later.