Known Vulnerabilities for Xg Firewall Firmware by Sophos
Listed below are 9 of the newest known vulnerabilities associated with "Xg Firewall Firmware" by "Sophos".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-3713 json | A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases o... | 8.8 - HIGH | 2022-12-01 | 2022-12-05 |
| CVE-2022-3711 json | A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the U... | 4.3 - MEDIUM | 2022-12-01 | 2022-12-09 |
| CVE-2022-3710 json | A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in... | 2.7 - LOW | 2022-12-01 | 2023-02-01 |
| CVE-2022-3709 json | A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Fir... | 8.4 - HIGH | 2022-12-01 | 2022-12-09 |
| CVE-2022-3696 json | A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than ver... | 7.2 - HIGH | 2022-12-01 | 2022-12-05 |
| CVE-2022-3226 json | An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall rele... | 7.2 - HIGH | 2022-12-01 | 2022-12-05 |
| CVE-2020-17352 json | Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an aut... | 8.8 - HIGH | 2020-08-07 | 2020-08-12 |
| CVE-2020-15504 json | A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allo... | 9.8 - CRITICAL | 2020-07-10 | 2020-07-14 |
| CVE-2020-15069 json | Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks featur... | 9.8 - CRITICAL | 2020-06-29 | 2020-07-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Sophos | Xg Firewall Firmware | 18.0 | |||
| Operating System | Sophos | Xg Firewall Firmware | 18.0 | |||
| Operating System | Sophos | Xg Firewall Firmware | 18.0 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.5 | |||
| Operating System | Sophos | Xg Firewall Firmware | 17.0 |