Exploit for Sophos UTM Webadmin remote command execution CVE-2020-25223

Name: Exploit for Sophos UTM Webadmin remote command execution CVE-2020-25223
Rating: 5 (196 reviews)

2021-08-27 | CVSS 10.0

## https://sploitus.com/exploit?id=SAINT:4A73A5CD7FE341977E86117842CBB67D
Added: 08/27/2021  


### Background

Sophos UTM is a network security appliance. 

### Problem

A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request. 

### Resolution

Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 or higher. 

### References

https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223   
https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223   


### Limitations

Exploit works on Sophos UTM v9.701 and possibly other versions. 

### Platforms

Linux