CVE-2024-12728
CRITICALDescription
A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3).
Is your site exposed to CVE-2024-12728?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| sophos | firewall_firmware |
| sophos | firewall |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-12728? +
How severe is CVE-2024-12728? +
What products are affected by CVE-2024-12728? +
How do I check if I'm vulnerable to CVE-2024-12728? +
Related Vulnerabilities
Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they …
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs …
Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a …
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.
In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can …
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. …