Sophos XG Firewall SQL Injection Vulnerability

Vulnerability Information

Vulnerability name: Sophos XG Firewall SQL Injection Vulnerability

Vulnerability ID:

  • CVE: CVE-2020-12271

Vulnerability type: SQL injection

Severity: Critical

Description: Sophos XG Firewall is a widely used network security appliance that provides enterprises with firewall, intrusion prevention, VPN and other functions, and is commonly used to protect enterprise networks from external threats. The product is deployed in large numbers worldwide, especially in medium and large enterprises that require advanced network security protection. The SQL injection vulnerability described here affects devices on which the administration (HTTPS) service or the User Portal is exposed on the WAN zone. The technical root cause is insufficient input validation: an attacker can craft malicious SQL queries to bypass security restrictions and go on to execute code remotely. An attacker who successfully exploits the vulnerability can obtain the usernames and hashed passwords of local device administrators, portal administrators, and user accounts used for remote access (but not external Active Directory or LDAP passwords). Because the vulnerability allows remote code execution and can be exploited without authentication, its security risk is extremely high and may lead to serious data leakage and service disruption. Sophos fixed the vulnerability in updates released before April 25, 2020; all affected users are advised to upgrade to the latest version immediately to guard against potential attacks.

Vendor: Sophos

Product: Sophos XG Firewall

Affected versions: 17.0, 17.1, 17.5, 18.0 before 2020-04-25

Search syntax: http.title:"sophos"

Source: https://github.com/projectdiscovery/nuclei-templates/issues/12499

Type: projectdiscovery/nuclei-templates: GitHub issues

Source Summary

Description:

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. A successful attack may have caused remote code execution that exfiltrated usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access (but not external Active Directory or LDAP passwords).

Severity: Critical

POC:

KEV: True

Shodan Query: http.title:"sophos"

Acceptance Criteria: The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data (-debug) along with the template to help the triage team with validation, or can also share a vulnerable environment such as a Dockerfile.

Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted. Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.

You can check the FAQ for the Nuclei Templates Community Rewards Program here.