[German]Note for people running Sophos firewalls or similar with Cyberoam OS. Sophos has deployed a hotfix for its Cyberoam firewalls and routers to address an SQL injection vulnerability.
Advertising
Sophos bought firewall and router vendor Cyberoam Technologies in 2014 and has been offering free upgrades for its XG Firewall OS since 2019.
SQL injection vulnerability in Cyberoam OS
In a security advisory, Sophos informs about a SQL injection vulnerability in Cyberoam OS, writing:
A pre-authentication SQL injection vulnerability was recently discovered and fixed on Cyberoam operating system (CROS) devices. This type of vulnerability could allow SQL statements to be executed remotely, but only if the administration interface (HTTPS admin service) was exposed on the WAN zone. No other Sophos products were affected.
Sophos provided a hotfix for several CROS versions. Here is an overview:
- Version 10.6.4 and above (December 4, 2020)
- Version 10.6.3 MR4 & MR5, 10.6.2 MR1 (December 5, 2020)
Note: Unsupported version – Please upgrade to the latest CROS version or to our next-gen XG Firewall for advanced security, performance, and protection - All versions prior to and including 10.6.1 : N/A
Note: Unsupported version – Please upgrade to the latest CROS version or to our next-gen XG Firewall for advanced security, performance, and protection
In the security advisory, Sophos provides information on how to ensure that the hotfix is installed. Bleeping Computer has published some more information here.
