Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability (HA) mode.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Sophos Firewall 安全漏洞
Vulnerability Description
Sophos Firewall是英国Sophos公司的一款防火墙。 Sophos Firewall 21.0 MR2之前版本存在安全漏洞,该漏洞源于Secure PDF eXchange功能存在任意文件写入,可能导致预认证远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A