■■■■□ Zero-Day: Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution. Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
https://t.me/cKure/11060