Share
## https://sploitus.com/exploit?id=B2F9DD97-EDFA-5938-BB70-0014258723D3
# CVE-2022-1040-RCE
cve-2022-1040 is an auth bypass and remote code execution in webmin portal of sophos firewall
sophos webmin portal auth bypass and rce all in one script;
The vulnerability affects Sophos Firewall v18.5 MR3 (18.5.3) and older

# Mitigation:
update to latest version asap
https://support.sophos.com/support/s/article/KB-000043853?language=en_US

# to avoid misusing of this script its not for free:
it contains the script and a barely fresh dumped ip list ~190k from shodan with probably high number of vulnerable targets.
with huge discount
https://satoshidisk.com/pay/CFUNtj