Sophos Firewall version v19.0 MR1 and older is vulnerable to code injection in the User Portal and Webadmin, allowing a remote unauthenticated attacker to execute arbitrary code. [已公开] id: CVE-2022-3236 info: name: Sophos Firewall <= 19.0 MR1 - Remote Code Execution author: daffainfo severity: critical description: | Sophos Firewall version v19.0 MR1 and older is vulnerable to code injection in the User Portal and Webadmin, allowing a remote unauthenticated attacker to execute arbitrary code. impact: | Remote attackers can execute arbitrary code on the system, potentially leading to full system compromise. remediation: | Update to the latest version of Sophos Firewall. reference: - https://www.thezdi.com/blog/2022/10/19/cve-2022-3236-sophos-firewall-user-portal-and-web-admin-code-injection - https://nvd.nist.gov/vuln/detail/cve-2022-3236 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-3236 cwe-id: CWE-94 epss-score: 0.92403 epss-percentile: 0.99718 cpe: cpe:2.3:a:sophos:firewall:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: sophos product: firewall shodan-query: http.title:"Sophos" fofa-query: title="soph

未知