CVE-2021-25268

HIGH

8.4

CVSS Severity Score

EPSS Score0.0190%

EPSS Percentile2.55th

Published2022年5月5日

Last Modified2024年11月21日

Vulnerability Description

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.

Affected Platforms (CPE)

💻

Sophos

Firewall Firmware

< 19.0

References & Advisories

🔗 https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0

関連する脆弱性情報

CVE-2014-068310.0

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 a...

CVE-2012-179910.0

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does ...

CVE-2020-108879.8

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Au...

CVE-2018-40039.8

An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The stri...