A malicious website could execute code remotely in Sophos Connect Client before version 2.1. View Analysis Description Severity CVSS. We also display any CVSS information provided within the CVE List from the CNA. Note: NVD Analysts have published a CVSS score for this CVE based on publicly available information at the time of analysis. Issue: SFOS version: Security update distributed: NC-33639 (CVE-2018-16116) Version 17.0: July 17th, 2018, and SFOS v17.1 GA: Version 16.5 OEM: July 19th, 2018. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258. 29 CVE-2016-9038: 362: Mem. 2018-04-24: 2018-06-13. Sophos: List of all products, security vulnerabilities of products, cvss score reports, detailed graphical reports, vulnerabilities by years and metasploit modules related to products of this vendor. (e.g.: CVE-2009-1234 or 2010-1234 or 20101234). Sophos began pushing hotfixes to supported XG Firewalls: 2020-04-25 22:00: Sophos confirms completion of hotfix rollout to XG Firewall units with auto-update (default) enabled. More information This vulnerability is listed as CVE 2020-12271 in the National Vulnerability Database.
CVE-2021-25265 DetailCurrent DescriptionA malicious website could execute code remotely in Sophos Connect Client before version 2.1. Analysis DescriptionA malicious website could execute code remotely in Sophos Connect Client before version 2.1. Youtube converter for mac mp3. Miro todoist. SeverityCVSS 3.x Severity and Metrics: NIST:NVD Vector:NVD Vector: | |
| Hyperlink | Resource |
|---|---|
| https://community.sophos.com/b/security-blog | Vendor Advisory |
| https://community.sophos.com/b/security-blog/posts/resolved-rce-in-sophos-connect-client-for-windows-cve-2021-25265 | PatchVendor Advisory |
Weakness Enumeration
| CWE-ID | CWE Name | Source |
|---|---|---|
| NVD-CWE-noinfo | Insufficient Information | NIST |
Known Affected Software Configurations Switch to CPE 2.2
Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.
Change History
1 change records found show changes
Quick Info
CVE Dictionary Entry:CVE-2021-25265
NVD Published Date:
03/22/2021
NVD Last Modified:
03/24/2021
Source:
Sophos Limited
Current Description
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords)
Analysis Description
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords)
Severity
CVSS 3.x Severity and Metrics:
Weakness Enumeration
| CWE-ID | CWE Name | Source |
|---|---|---|
| CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | NIST |
Known Affected Software Configurations Switch to CPE 2.2
Sophos Exchange Cve
Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.
Advisory: Sophos XG Firewall Vulnerabilities Reported By ..
Change History
4 change records found show changes