Hackers exploited SQL injection flaw to compromise Sophos XG firewall devices

Teiss

Jay Jay

Anti-virus firewall solutions provider Sophos recently revealed that cyber criminals exploited a SQL injection vulnerability in the management interface of XG firewall to exfiltrate user data such as usernames, passwords, and local device admins.
The security firm said it received a report on 22nd April regarding an XG Firewall with a suspicious field value visible in the management interface. After investigating the issue, the firm discovered the incident to be an attack against physical and virtual XG Firewall units.

"The attack affected systems configured with either the administration interface (HTTPS admin service) or the user portal exposed to the WAN zone. In addition, firewalls manually configured to expose...

Get the Morning Update

Thanks for subscribing!