Hackers exploited SQL injection flaw to compromise Sophos XG firewall devices
Teiss
Jay Jay
Antivirus and firewall solutions provider Sophos recently revealed that cyber criminals exploited a SQL injection vulnerability in the management interface of its XG Firewall to exfiltrate user data such as usernames, passwords, and local device admins.
The security firm said it received a report on 22nd April regarding an XG Firewall with a suspicious field value visible in the management interface. After investigating the issue, the firm determined that the incident was an attack against physical and virtual XG Firewall units.
"The attack affected systems configured with either the administration interface (HTTPS admin service) or the user portal exposed to the WAN zone. In addition, firewalls manually configured to expose...