Sophos UTM Webadmin remote command execution
Added: 08/27/2021

Background
Sophos UTM is a network security appliance.

Problem
A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request.

Resolution
Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 or higher.

References
https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223
https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223

Limitations
Exploit works on Sophos UTM v9.701 and possibly other versions.

Platforms
Linux