BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • 99% of Sophos firewalls are subject to critical vulnerability


    4400 servers are still vulnerable to the corrected error in the Sophos Firewall.

    More than 4400 servers set various versions of Sophos Firewall, which are subject to critical vulnerability that allows hackers to execute malicious code. This was stated by IB-company Vulncheck in her report.

    The vulnerability of the implementation of the CVE-2022-3236 code (CVSS: 9.8) allows you to remotely execute the code on the user portal and in the panel of the administrator of the fireworks SOPHOS. The error was revealed back in September 2022. The company then released an update with the correction of this deficiency.

    According to the study, more than 4400 servers (6% of all Sophos firewalls) remain vulnerable. In addition, more than 99% of Sophos firewalls are not updated to the corrected versions, and 93% work with current versions. Researchers suggested that almost all servers received an update, but the error is still present.

    The cybersecurity researcher Jacob Beins created an exploit for vulnerability based on technical descriptions in the Bulletin from Zero Day Initiative. Baines called on users of firewall Sophos to make sure that they are fixed. In his work, he also indicated compromise indicators.

    It is noteworthy that mass operation is unlikely due to the need to introduce a Captcha test during authentication by web clients. A vulnerable code is available only after checking Captcha. The failure of the Captcha dough will lead to an exploit.

    Most inter -grid SOPHOS screens include Captcha, and to run the exploit, you need to go through the test. The failure of the Captcha dough will lead to an exploit failure, which means that vulnerability cannot be used on a large scale.

    Sophos released automatic update in September 2022. According to Baines, the SOPHOS Firewall versions, available on the Internet, are running the already unsupported version. The researcher urged users to update the software to the very latest version, which Sophos announced in September.

    Author DeepWeb
    Hackers stole $3.5 billion worth of cryptocurrencies in 2022
    Gootkit Loader operators use VLC Media Player as a post-exploitation tool

    Comments 0

    Add comment