writeups.xyz / CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection

Submitter : c2a

Date: 19 October 2022

Bounty : undisclosed

Vulnerabilities :

• RCE
• Code Injection
• Security Code Review

Programs :

• Sophos

Authors :

• Guy Lederfein (@Glederfein)
• Dusan Stevanovic

Link :
https://www.zerodayinitiative.com/blog/2022/10/19/cve-2022-3236-sophos-firewall-user-portal-and-web-admin-code-injection