Количество 3
Количество 3
CVE-2025-7382
A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled.
GHSA-848r-3x2j-g9jr
A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled.
BDU:2025-10972
Уязвимость интерфейса WebAdmin межсетевых экранов Sophos Firewall (ранее Sophos XG Firewall), позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-7382 A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled. | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
| GHSA-848r-3x2j-g9jr A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled. | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
 | BDU:2025-10972 Уязвимость интерфейса WebAdmin межсетевых экранов Sophos Firewall (ранее Sophos XG Firewall), позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу