📦 Firewall Firmware

This vulnerability allows unauthenticated attackers to write arbitrary files to Sophos Firewall systems, potentially leading to remote code execution. It affects Sophos Firewall versions older than 21...

An SQL injection vulnerability in Sophos Firewall's legacy SMTP proxy allows remote attackers to execute arbitrary code on affected systems. This affects Sophos Firewall versions older than 21.0 MR2 w...

This critical vulnerability allows unauthenticated attackers to execute SQL injection attacks against Sophos Firewall's email protection feature. Successful exploitation can lead to database access an...

This vulnerability in Sophos Firewall's Up2Date component allows attackers who control the firewall's DNS environment to achieve remote code execution. It affects Sophos Firewall versions older than 2...

This is a post-authentication code injection vulnerability in Sophos Firewall's User Portal that allows authenticated users to execute arbitrary code remotely. It affects Sophos Firewall versions olde...

This CVE describes a post-authentication SQL injection vulnerability in Sophos Firewall's WebAdmin interface. Attackers with administrative credentials can exploit this to execute arbitrary SQL comman...