CVE-2020-11503 — CVSS 9.8 (critical): A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an attacker to run…
CVE-2018-16116 — CVSS 8.8 (high): SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to…
CVE-2018-16117 — CVSS 8.8 (high): A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated…
CVE-2018-16118 — CVSS 8.1 (high): A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows…
CVE-2017-18014 — CVSS 6.1 (medium): An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can…
CVE-2022-0331 — CVSS 5.3 (medium): An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos…