A Vulnerability in Sophos Firewall Could Allow for Arbitrary Remote Code Execution | allinfosecnews.com

March 29, 2022, 5:21 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in Sophos Firewall’s user portal and Webadmin that could allow for arbitrary remote code execution. Sophos Firewall is a next generation firewall product which enables users to manage, detect and respond to threats on the network. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the web application. Depending on the privileges associated with the application, an attacker could view, change, or delete data.

code code execution firewall remote code execution sophos sophos firewall vulnerability

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation 6 days, 4 hours ago | www.cisecurity.org

access access rights account attacker +14

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 6 days, 4 hours ago | www.cisecurity.org

arbitrary code arbitrary code execution chrome code +7

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org

access arbitrary code arbitrary code execution browser +17

Multiple Vulnerabilities in Siemens Ruggedcom Crossbow Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org

access access management arbitrary code arbitrary code execution +17

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org

acrobat adobe adobe acrobat application +17

Critical Patches Issued for Microsoft Products, May 14, 2024 1 week ago | www.cisecurity.org

accounts attacker change code +14

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution 1 week, 1 day ago | www.cisecurity.org

apple arbitrary code arbitrary code execution code +6

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 5 days ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Incident Response Lead(IR)

@ Blue Yonder | Hyderabad

View on infosec-jobs.com

Comcast Cybersecurity: Privacy Operations Executive Director

@ Comcast | PA - Philadelphia, 1701 John F Kennedy Blvd

View on infosec-jobs.com