漏洞描述
Sophos XG 防火墙存在认证绕过漏洞,该漏洞是由于应用程序未对参数JSON的数据充分过滤导致的。
Sophos 防火墙 CVE-2022-1040 认证绕过漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2020-25223: Sophos UTM Preauth - Remote Code Execution
- POC CVE-2022-1040: Sophos Firewall <=18.5 MR3 - Remote Code Execution
- POC CVE-2022-3980: Sophos Mobile managed on-premises - XML External Entity Injection
- POC CVE-2023-1671: Sophos Web Appliance - Remote Code Execution
- POC CVE-2023-1671: Sophos Web Appliance - Remote Code Execution
- POC sophos-xg115w-firewall-mr-10-authentication: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass
- Sophos Firewall User Portal and Webadmin 代码注入漏洞
- Sophos Web CVE-2023-1671 命令注入漏洞
- Sophos Mobile managed on-premises XML外部实体注入(CVE-2022-3980)
- Sophos Web Appliance 命令注入漏洞(CVE-2023-1671)