Vulnerabilities for Xg firewall firmware (...) - CXSECURITY.COM

Vulnerabilities for 'Xg firewall firmware'

2020-08-07

CVE-2020-17352

CWE-78

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.

2020-07-10

CVE-2020-15504

CWE-89

A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other versions >= 17.0 have received a hotfix.

>>> Vendor: Sophos 53 Products

Small business suite

Sophos anti-virus

Sophos puremessage anti-virus

Sophos small business suite

Sophos mailmonitor

Sophos mailmonitor for notes domino

Endpoint security

Scanning engine

Anti-virus7.6.3

Puremessage for microsoft exchange

Unified threat management software

Unified threat management

Disk encryption

Safeguard easy device encryption client

Safeguard enterprise device encryption

Sophos endpoint security and control

Safeguard enterprise

Free encryption

Safeguard privatecrypto

Web appliance firmware

Enterprise console

Cyberoam cr100ing utm firmware

Cyberoam cr35ing utm firmware

Unified threat management up2date

Mobile control eas proxy

Cyberoam cr25ing utm firmware

Cyberoam firmware

Threat detection engine

Astaro security gateway firmware

Endpoint protection

Invincea dell protected workspace

Safeguard enterprise client

Safeguard lan crypt client

Hitmanpro.alert

Sophos secure email

Xg firewall firmware

Sophos secure workspace

Exploit prevention

Intercept x endpoint

Intercept x for server

Copyright 2024, cxsecurity.com