cve/2022/CVE-2022-48309.md

CVE-2022-48309

Description

A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.

POC

Reference

No PoCs from references.

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/nitschSB/CVE-2022-48309-and-CVE-2022-48310
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/scopas1293/SophosConnectUpgradeScript