Firewall
by Endian
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-34811 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34810 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/vpnfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34809 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34808 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34807 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34806 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/snat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34805 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34804 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34803 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the name parameter to /manage/qos/classes/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34802 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark user ham spam parameter to /cgi-bin/salearn.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34801 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dhcp/fixed_leases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34800 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2026-34799 | Med | 0.42 | 6.4 | 0.00 | Apr 2, 2026 | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. | ||
| CVE-2020-12271 | 0.25 | — | 0.43 | KEV | Apr 27, 2020 | A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone.… | ||
| CVE-2020-15069 | 0.19 | — | 0.11 | KEV | Jun 29, 2020 | Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x. | ||
| CVE-2015-5082 | 0.09 | — | 0.70 | Sep 28, 2015 | Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi. | |||
| CVE-2012-4923 | 0.03 | — | 0.02 | Sep 15, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi. | |||
| CVE-2024-13973 | 0.00 | — | 0.08 | Jul 21, 2025 | A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution. | |||
| CVE-2022-45963 | 0.00 | — | 0.01 | Dec 27, 2022 | h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability. | |||
| CVE-2021-28130 | 0.00 | — | 0.00 | Sep 24, 2021 | Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters. |
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/vpnfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/snat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the name parameter to /manage/qos/classes/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark user ham spam parameter to /cgi-bin/salearn.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dhcp/fixed_leases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.42cvss 6.4epss 0.00
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
- risk 0.25cvss —epss 0.43
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone.…
- risk 0.19cvss —epss 0.11
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
- CVE-2015-5082Sep 28, 2015risk 0.09cvss —epss 0.70
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
- CVE-2012-4923Sep 15, 2012risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.
- CVE-2024-13973Jul 21, 2025risk 0.00cvss —epss 0.08
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution.
- CVE-2022-45963Dec 27, 2022risk 0.00cvss —epss 0.01
h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability.
- CVE-2021-28130Sep 24, 2021risk 0.00cvss —epss 0.00
Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters.
Page 2 of 3