ГлавнаяУязвимости → CVE-2024-12729
8.8высокая

CVE-2024-12729

Описание

A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1).

Затрагиваемое ПО
Sophos Firewall firmwareSophos Firewall
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce