Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for Firewall by Sophos

    VAR-202209-1931

    Vulnerability from variot - Updated: 2025-11-18 15:28

    A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202209-1931",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "19.0.1"
          },
          {
            "model": "firewall",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": "19.0.1  and earlier"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": null
          },
          {
            "model": "firewall",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "cve": "CVE-2022-3236",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "security-alert@sophos.com",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-3236",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 3.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-3236",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "security-alert@sophos.com",
                "id": "CVE-2022-3236",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-3236",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-3236",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-3236",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202209-2368",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-3236",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-430846",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "id": "VAR-202209-1931",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-11-18T15:28:35.157000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Sophos Firewall Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=209421"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-94",
            "trust": 1.0
          },
          {
            "problemtype": "Code injection (CWE-94) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-74",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2022-3236"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3236"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-3236/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/sophos-firewall-code-execution-via-user-portal-webadmin-39358"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "date": "2022-09-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "date": "2023-10-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "date": "2022-09-23T13:15:10.327000",
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-430846"
          },
          {
            "date": "2022-09-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          },
          {
            "date": "2023-10-17T08:05:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          },
          {
            "date": "2025-10-27T17:00:44.353000",
            "db": "NVD",
            "id": "CVE-2022-3236"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "of Sophos \u00a0firewall\u00a0 Code injection vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017940"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-2368"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202209-0443

    Vulnerability from variot - Updated: 2025-06-18 23:25

    Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1. of Sophos firewall for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Sophos Firewall is a firewall of British Sophos company. Attackers can use this vulnerability to upgrade the privilege from administrator to super administrator

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202209-0443",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "19.0"
          },
          {
            "model": "firewall",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "18.5"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "18.5"
          },
          {
            "model": "firewall",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": "19.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30bd\u30d5\u30a9\u30b9",
            "version": "18.5"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "cve": "CVE-2022-1807",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "security-alert@sophos.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2022-1807",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-1807",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "security-alert@sophos.com",
                "id": "CVE-2022-1807",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-1807",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-1807",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202209-456",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1. of Sophos firewall for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Sophos Firewall is a firewall of British Sophos company. Attackers can use this vulnerability to upgrade the privilege from administrator to super administrator",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-1807"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-1807",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-422956",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-1807",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "id": "VAR-202209-0443",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-06-18T23:25:25.153000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Sophos Firewall SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=207259"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.1
          },
          {
            "problemtype": "SQL injection (CWE-89) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
          },
          {
            "trust": 2.6,
            "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1807"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-1807/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/sophos-firewall-privilege-escalation-via-webadmin-39214"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "date": "2022-09-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-1807"
          },
          {
            "date": "2023-10-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "date": "2022-09-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "date": "2022-09-07T18:15:08.647000",
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-422956"
          },
          {
            "date": "2022-09-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-1807"
          },
          {
            "date": "2023-10-04T09:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          },
          {
            "date": "2022-09-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          },
          {
            "date": "2025-06-17T20:15:24.970000",
            "db": "NVD",
            "id": "CVE-2022-1807"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "of Sophos \u00a0firewall\u00a0 In \u00a0SQL\u00a0 Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016526"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-456"
          }
        ],
        "trust": 0.6
      }
    }

    CERTFR-2025-AVI-0612

    Vulnerability from certfr_avis - Published: 2025-07-22 - Updated: 2025-07-22

    De multiples vulnérabilités ont été découvertes dans Sophos Firewall. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une injection SQL (SQLi).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Sophos Firewall Firewall versions antérieures à 21.5 GA (21.5.0.171)
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Firewall versions ant\u00e9rieures \u00e0 21.5 GA (21.5.0.171)",
          "product": {
            "name": "Firewall",
            "vendor": {
              "name": "Sophos",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-7624",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7624"
        },
        {
          "name": "CVE-2024-13974",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13974"
        },
        {
          "name": "CVE-2024-13973",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13973"
        },
        {
          "name": "CVE-2025-7382",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7382"
        },
        {
          "name": "CVE-2025-6704",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6704"
        }
      ],
      "initial_release_date": "2025-07-22T00:00:00",
      "last_revision_date": "2025-07-22T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0612",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-07-22T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Injection SQL (SQLi)"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Sophos Firewall. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une injection SQL (SQLi).",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Sophos Firewall",
      "vendor_advisories": [
        {
          "published_at": "2025-07-21",
          "title": "Bulletin de s\u00e9curit\u00e9 Sophos sophos-sa-20250721-sfos-rce",
          "url": "https://www.sophos.com/fr-fr/security-advisories/sophos-sa-20250721-sfos-rce"
        }
      ]
    }

    CERTFR-2024-AVI-1099

    Vulnerability from certfr_avis - Published: 2024-12-20 - Updated: 2024-12-20

    De multiples vulnérabilités ont été découvertes dans Sophos Firewall. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Sophos Firewall Firewall versions antérieures à v21 MR1
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Firewall versions ant\u00e9rieures \u00e0 v21 MR1",
          "product": {
            "name": "Firewall",
            "vendor": {
              "name": "Sophos",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-12728",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-12728"
        },
        {
          "name": "CVE-2024-12727",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-12727"
        },
        {
          "name": "CVE-2024-12729",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-12729"
        }
      ],
      "initial_release_date": "2024-12-20T00:00:00",
      "last_revision_date": "2024-12-20T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-1099",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-12-20T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Sophos Firewall. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Sophos Firewall",
      "vendor_advisories": [
        {
          "published_at": "2024-12-19",
          "title": "Bulletin de s\u00e9curit\u00e9 Sophos sophos-sa-20241219-sfos-rce",
          "url": "https://www.sophos.com/fr-fr/security-advisories/sophos-sa-20241219-sfos-rce"
        }
      ]
    }

    CVE-2023-5552 (GCVE-0-2023-5552)

    Vulnerability from nvd – Published: 2023-10-17 23:29 – Updated: 2024-09-13 16:21
    VLAI
    Summary
    A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Unaffected: 19.5.4
    Unaffected: 20.0.0
    Create a notification for this product.
    Credits
    IT für Caritas eG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5552",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-13T16:20:59.543456Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-13T16:21:10.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "19.5.4"
                },
                {
                  "status": "unaffected",
                  "version": "20.0.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "IT f\u00fcr Caritas eG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
                }
              ],
              "value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-117",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-117 Interception"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-17T23:29:12.601Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2023-5552",
        "datePublished": "2023-10-17T23:29:12.601Z",
        "dateReserved": "2023-10-12T05:55:23.384Z",
        "dateUpdated": "2024-09-13T16:21:10.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-3236 (GCVE-0-2022-3236)

    Vulnerability from nvd – Published: 2022-09-23 12:50 – Updated: 2025-10-21 23:15
    VLAI CISA KEVIntel
    Summary
    A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Affected: unspecified , ≤ 18.5 MR4 (custom)
    Affected: unspecified , ≤ 19.0 MR1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:00:10.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3236",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T21:40:50.761466Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-09-23",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
                  },
                  "type": "kev"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:15:34.699Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-09-23T00:00:00.000Z",
                "value": "CVE-2022-3236 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThanOrEqual": "18.5 MR4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "19.0 MR1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-23T12:50:13.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@sophos.com",
              "ID": "CVE-2022-3236",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sophos Firewall",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "18.5 MR4"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "19.0 MR1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sophos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-3236",
        "datePublished": "2022-09-23T12:50:13.000Z",
        "dateReserved": "2022-09-17T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:15:34.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1807 (GCVE-0-2022-1807)

    Vulnerability from nvd – Published: 2022-09-07 18:00 – Updated: 2025-06-17 19:36
    VLAI
    Summary
    Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Affected: unspecified , < 18.5 MR4 (custom)
    Affected: unspecified , < 19.0 MR1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:16:59.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1807",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T19:36:23.971495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-89",
                    "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T19:36:39.421Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThan": "18.5 MR4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThan": "19.0 MR1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T18:00:14.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@sophos.com",
              "ID": "CVE-2022-1807",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sophos Firewall",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "18.5 MR4"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_value": "19.0 MR1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sophos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
                },
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-1807",
        "datePublished": "2022-09-07T18:00:14.000Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2025-06-17T19:36:39.421Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5552 (GCVE-0-2023-5552)

    Vulnerability from cvelistv5 – Published: 2023-10-17 23:29 – Updated: 2024-09-13 16:21
    VLAI
    Summary
    A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Unaffected: 19.5.4
    Unaffected: 20.0.0
    Create a notification for this product.
    Credits
    IT für Caritas eG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5552",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-13T16:20:59.543456Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-13T16:21:10.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "19.5.4"
                },
                {
                  "status": "unaffected",
                  "version": "20.0.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "IT f\u00fcr Caritas eG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
                }
              ],
              "value": "A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to \u201cSpecified by sender\u201d."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-117",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-117 Interception"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-17T23:29:12.601Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2023-5552",
        "datePublished": "2023-10-17T23:29:12.601Z",
        "dateReserved": "2023-10-12T05:55:23.384Z",
        "dateUpdated": "2024-09-13T16:21:10.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-3236 (GCVE-0-2022-3236)

    Vulnerability from cvelistv5 – Published: 2022-09-23 12:50 – Updated: 2025-10-21 23:15
    VLAI CISA KEVIntel
    Summary
    A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Affected: unspecified , ≤ 18.5 MR4 (custom)
    Affected: unspecified , ≤ 19.0 MR1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:00:10.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3236",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-28T21:40:50.761466Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-09-23",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
                  },
                  "type": "kev"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:15:34.699Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-3236"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-09-23T00:00:00.000Z",
                "value": "CVE-2022-3236 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThanOrEqual": "18.5 MR4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "19.0 MR1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-23T12:50:13.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@sophos.com",
              "ID": "CVE-2022-3236",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sophos Firewall",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "18.5 MR4"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "19.0 MR1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sophos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-3236",
        "datePublished": "2022-09-23T12:50:13.000Z",
        "dateReserved": "2022-09-17T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:15:34.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1807 (GCVE-0-2022-1807)

    Vulnerability from cvelistv5 – Published: 2022-09-07 18:00 – Updated: 2025-06-17 19:36
    VLAI
    Summary
    Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sophos Sophos Firewall Affected: unspecified , < 18.5 MR4 (custom)
    Affected: unspecified , < 19.0 MR1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:16:59.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1807",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T19:36:23.971495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-89",
                    "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T19:36:39.421Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Firewall",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThan": "18.5 MR4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThan": "19.0 MR1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T18:00:14.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@sophos.com",
              "ID": "CVE-2022-1807",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sophos Firewall",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "18.5 MR4"
                              },
                              {
                                "version_affected": "\u003c",
                                "version_value": "19.0 MR1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sophos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4"
                },
                {
                  "name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1",
                  "refsource": "CONFIRM",
                  "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-1807",
        "datePublished": "2022-09-07T18:00:14.000Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2025-06-17T19:36:39.421Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }