The Sophos Firewall Webadmin and User Portal HTTP interfaces are vulnerable to unauthenticated and remote code execution, as stated in an alert released by Sophos in September. The vulnerability, CVE-2022-3236, was reportedly utilized against “a small collection of specific organizations, primarily in the South Asia region” in the past.
Read full article on GBHackers