CVE-2022-1040
Description
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Sophos Limited
Severity: CRITICAL
CVE ID: CVE-2022-1040
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-1040
Reference: Project Discovery GitHub
killvxk
may the poc with you
Reference: GitHub
jam620
CVE-2022-1040
Reference: GitHub
Keith-amateur
Save the trouble to open the burpsuite...
Reference: GitHub
jackson5sec
This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication
Reference: GitHub
michealadams30
Sophos EXploit
Reference: GitHub
Cyb3rEnthusiast
New exploitation of 2020 Sophos vuln
Reference: GitHub
xMr110
Reference: GitHub