exploitDog

CVE-2025-7624

Опубликовано: 21 июл. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA.

Ссылки

https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

EPSS

Процентиль: 23%

0.00074

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-rjpf-qp74-8rgx

CVSS3: 9.8

github

около 2 месяцев назад

An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA.

EPSS

Процентиль: 23%

0.00074

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89