CVE-2022-1040 PoC — Sophos Firewall 授权问题漏洞

Source

https://github.com/michealadams30/CVE-2022-1040

Associated Vulnerability

Title:Sophos Firewall 授权问题漏洞 (CVE-2022-1040)
Description:Sophos Firewall是英国Sophos公司的一款防火墙。 Sophos Firewall version v18.5 MR3 版本及之前版本的 User Portal 和 Webadmin 模块存在授权问题漏洞，该漏洞源于User Portal 和 Webadmin 模块存在身份认证绕过漏洞。攻击者通过该漏洞可以远程执行代码。

Description

Sophos EXploit

Readme

# CVE-2022-1040

Here is the Sophos exploit found on 2022-08-04 working on version 17.0.10 MR-10.

File Snapshot


 [4.0K]  /data/pocs/20ad9a53f7a52819e53223a49b507ce504841a63
├── [  99]  README.md
└── [1.7K]  xploit

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!