CyberSec.Space Logo
Back to CVE Browser

CVE-2021-25268

HIGH
8.4
CVSS Severity Score
EPSS Score0.0190%
EPSS Percentile2.55th
PublishedMay 5, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.

Affected Platforms (CPE)

💻
Sophos

Firewall Firmware

< 19.0

References & Advisories

🔗 https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0
🔗 https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0

Related Vulnerabilities

CVE-2014-068310.0

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 a...

CVE-2012-179910.0

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does ...

CVE-2020-108879.8

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Au...

CVE-2018-40039.8

An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The stri...