CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-25223

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score96.6110%
EPSS Percentile94.16th
Published2020年9月25日
Last Modified2025年11月7日

Vulnerability Description

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

Affected Platforms (CPE)

📦
Sophos

Unified Threat Management

< 9.511
📦
Sophos

Unified Threat Management

>= 9.600 and < 9.607
📦
Sophos

Unified Threat Management

>= 9.700 and < 9.705
📦
Sophos

Unified Threat Management

= 9.511
📦
Sophos

Unified Threat Management

= 9.607
📦
Sophos

Unified Threat Management

= 9.705

References & Advisories

🔗 http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html
🔗 https://community.sophos.com/b/security-blog
🔗 https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223
🔗 https://cwe.mitre.org/data/definitions/78.html
🔗 https://www.secpod.com/blog/remote-code-execution-in-sophos-utm/
🔗 http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html
🔗 https://community.sophos.com/b/security-blog
🔗 https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223

相關漏洞威脅

CVE-2019-00107.5

An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message ...

CVE-2010-22904.3

Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (UTM) Firewall (formerly SnapGea...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...