CVE-2022-3236

Sophos Firewall Code Injection Vulnerability

A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. Vendor/Product: Sophos Firewall. Added to CISA KEV 2022-09-23; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2022-3236