SQL INJECTION VULNERABILITY IN SOPHOS XG FIREWALL ALLOWS HACKERS TO CONFIGURE FIREWALL

Last week, the web application penetration testing team at cybersecurity solutions firm Sophos received a report on an XG Firewall installation whose management interface displayed a suspicious value. After conducting an investigation, the company determined that this was an attack on its physical and virtual firewall units.
Apparently, the attack affected systems configured with the management interface and user portal exposed on the WAN zone. In addition, manually configured firewall deployments are also affected.
Regarding the attack variant used by the threat actors, web application penetration testing experts mention that a pre-authentication SQL injection vulnerability was exploited to gain access to exposed firewalls. Data stolen from any affected firewall includes the local usernames and hashed passwords of every local user account. This includes local device administrators, user portal accounts, and accounts used for remote access.