CVE-2022-1807
Published 2022-09-07
Priority: P3 41, high, 7.2 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.97% (57.3th percentile)
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sophos | firewall | < 18.5 | 18.5 |
| sophos | firewall | — | — |
| sophos | firewall | — | — |
| sophos | sophos_firewall | >= unspecified < 18.5 MR4 | 18.5 MR4 |
| sophos | sophos_firewall | >= unspecified < 19.0 MR1 | 19.0 MR1 |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-18-5-4
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220907-sfos-19-0-1