Categories: Cyber Security NewsFirewall

Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code

Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA).

CVE(s):

CVE-2023-1671 – Pre-Auth Command Injection in Sophos Web Appliance

CVSS Score: 9.8 (Critical)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

This vulnerability exists on the warn-proceed handler, allowing threat actors to execute arbitrary code. An external security researcher reported it through the Sophos Bug Bounty Program.

Vulnerable Products:

Sophos Web Appliance 4.3.10.4 and older versions

CVE-2022-4934 – Post-Auth Command Injection in Sophos Web Appliance

CVSS Score: 7.2 (High)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

This vulnerability exists on the exception wizard handler, allowing administrators to execute arbitrary code. An external security researcher reported it through the Sophos Bug Bounty Program.

Vulnerable Products:

Sophos Web Appliance 4.3.10.4 and older versions

CVE-2020-36692 – Reflected XSS via POST method in Sophos Web Appliance

CVSS Score: 5.4 (Medium)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

This vulnerability exists on the report scheduler, allowing threat actors to execute Javascript code on the victim’s browser. To exploit this vulnerability, a threat actor must trick a victim into submitting a malicious form on any compromised website.

In contrast, the victim is logged on to Sophos Web Appliance.  An external security researcher reported it through the Sophos Bug Bounty Program.

Vulnerable Products:

Sophos Web Appliance 4.3.10.4 and older versions

Recommendations:

  • Sophos has released patches to fix these vulnerabilities, which no longer need customer interaction since they are automatically updated.
  • Sophos has also requested to keep Sophos Web Appliance protected from exposing to the internet

Release Notes:

Work OrderDescription
NSWA-1689Resolved an XSS vulnerability in the report scheduler (CVE-2020-36692).
NSWA-1756Resolved a vulnerability in the exception wizard (CVE-2022-4934).
NSWA-1763Resolved a vulnerability in the warning page handler (CVE-2023-1671).

Struggling to Apply The Security Patch in Your System? – 

Related Read:

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Leave a Comment
Share
Published by
Gurubaran
Tags: FirewallVulnerability
2 years ago

Recent Posts

Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox,…

5 hours ago

Ghostwriter Malware Targets Government Organizations with Weaponized XLS File

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has…

5 hours ago

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial…

5 hours ago

Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications

Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection…

5 hours ago

App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails

A financial management app named Finance Simplified has been revealed as a malicious tool for…

5 hours ago

Poseidon Mac Malware Hiding Within PKG Files to Evade Detections

A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan,…

5 hours ago