CVE-2020-12271: Zero-Day SQL Injection Vulnerability in Sophos XG Firewall Exploited in the Wild
Tenable
APRIL 27, 2020
On April 22, Sophos published a knowledge base entry on the Sophos Community regarding the discovery of a zero-day vulnerability in the Sophos XG Firewall that was exploited in the wild. The attack targets the XG Firewall administration interface, which is accessible via the user portal, over HTTPs, or on the WAN zone.
Let's personalize your content