PT-2022-4853 · Sophos · Sophos Firewall
Published
2022-09-23
·
Updated
2026-02-10
·
CVE-2022-3236
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Sophos Firewall versions prior to v19.0 MR1
Description
A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows a remote attacker to execute code. The vulnerability is being actively exploited by hackers in attacks. Over 4000 servers are still vulnerable to this critical bug.
Recommendations
For Sophos Firewall versions prior to v19.0 MR1, apply the backported security update to fix the code injection vulnerability. As a temporary workaround, consider restricting access to the User Portal and Webadmin until the update is applied.
Exploit
Fix
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sophos Firewall