■■■□□ Sophos Firewall CVE-2022-1040 (RCE) One-liner mass checker.
Sophos Firewall CVE-2022-1040 (RCE) one-liner mass checker.
REF: https://attackerkb.com/topics/cdXl2NL3cR/cve-2022-1040
cat sophos_servers | while read host do; do curl –connect-timeout 10 -ks -H “X-Requested-With: XMLHttpRequest” -X POST “https://$host/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{“”:”TEST”\}” | grep -q ‘Session Expired’ && printf “$host \033[1;41mVulnerable a CVE-2022-1040 (Sophos RCE)\e[0m\n”; done;
https://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker
https://t.me/cKure/11318