CVE-2022-1807
published 2022-09-07

CVE-2022-1807: Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version…

Priority: P341 | high | 7.2 (CVSS 3.1)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.97% (57.3th percentile)
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.

Affected

5 ranges
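| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| sophos | firewall | < 18.5 | 18.5 |
| sophos | firewall | | |
| sophos | firewall | | |
| sophos | sophos_firewall | >= unspecified < 18.5 MR4 | 18.5 MR4 |
| sophos | sophos_firewall | >= unspecified < 19.0 MR1 | 19.0 MR1 |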