CVE-2022-3236

Published on: Not Yet Published

Last Modified on: 09/28/2022 07:11:00 PM UTC

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Firewall from Sophos contain the following vulnerability:

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.

  • CVE-2022-3236 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as CRITICAL severity.
  • Affected Vendor/Software: URL Logo Sophos - Sophos Firewall version <= 18.5 MR4
  • Affected Vendor/Software: URL Logo Sophos - Sophos Firewall version <= 19.0 MR1

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVE References

Description Tags Link
No Description Provided www.sophos.com

Inactive LinkNot Archived
URL Logo CONFIRM www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

Related QID Numbers

  • 730616 Sophos Firewall Remote Code Execution (RCE) Vulnerability (sophos-sa-20220923-sfos-rce)

Exploit/POC from Github

Unauthenticated rce in sophos User Portal and Webadmin components mass exploitation tool

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationSophosFirewallAllAllAllAll
  • cpe:2.3:a:sophos:firewall:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2022-3236 : A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute… twitter.com/i/web/status/1… 2022-09-23 13:03:34
Twitter Icon @Robo_Alerts Potentially Critical CVE Detected! CVE-2022-3236 A code injection vulnerability in the User Portal and Webadmin all… twitter.com/i/web/status/1… 2022-09-23 13:56:00
Reddit Logo Icon /r/netcve CVE-2022-3236 2022-09-23 14:38:51
Reddit Logo Icon /r/KomodoCyberConsulting CVE-2022-3236: Critical 0-day Sophos Firewall RCE Vulnerability 2022-09-24 03:08:02
Reddit Logo Icon /r/blueteamsec RCE in Sophos Firewall (CVE-2022-3236) - Sophos has observed this vulnerability being used to target a small set of specific organizations, primarily in the South Asia region 2022-09-24 05:07:37
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report