Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-1040 PoC — Sophos Firewall 授权问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-1040.yaml
Associated Vulnerability
Title:Sophos Firewall 授权问题漏洞 (CVE-2022-1040)
Description:Sophos Firewall是英国Sophos公司的一款防火墙。 Sophos Firewall version v18.5 MR3 版本及之前版本的 User Portal 和 Webadmin 模块存在授权问题漏洞,该漏洞源于User Portal 和 Webadmin 模块存在身份认证绕过漏洞。攻击者通过该漏洞可以远程执行代码。
Description
Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code.
File Snapshot

 id: CVE-2022-1040

info:
  name: Sophos Firewall <=18.5 MR3 - Remote Code Execution
  author: For3st

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.