A vulnerability has been discovered in Sophos Firewall’s user portal and Webadmin that could allow for arbitrary remote code execution. Sophos Firewall is a next generation firewall product which enables users to manage, detect and respond to threats on the network. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the web application. Depending on the privileges associated with the application, an attacker could view, change, or delete data.

Read More