{"id":50215,"date":"2023-01-18T15:53:23","date_gmt":"2023-01-18T15:53:23","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34226\/More-Than-4-400-Sophos-Firewall-Servers-Remain-Vulnerable-To-Critical-Exploits.html"},"modified":"2023-01-18T15:53:23","modified_gmt":"2023-01-18T15:53:23","slug":"more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/","title":{"rendered":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/01\/exploit-800x534.jpg\" alt=\"Photograph depicts a security scanner extracting virus from a string of binary code. Hand with the word &quot;exploit&quot;\"><figcaption class=\"caption\">\n<div class=\"caption-credit\">Getty Images<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"0 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2023\/01\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">29<\/span> <span class=\"visually-hidden\"> with 0 posters participating<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 4:single\/related:f8a650ae93739bb80fa40cfdf0dd963f --><!-- empty --><\/p>\n<p>More than 4,400 Internet-exposed servers are running versions of the Sophos Firewall that\u2019s vulnerable to a critical exploit that allows hackers to execute malicious code, a researcher has warned.<\/p>\n<p>CVE-2022-3236 is a code-injection vulnerability allowing remote code execution in the User Portal and Webadmin of Sophos Firewalls. It carries a severity rating of 9.8 out of 10. When Sophos <a href=\"https:\/\/www.sophos.com\/en-us\/security-advisories\/sophos-sa-20220923-sfos-rce\">disclosed the vulnerability<\/a> last September, the company warned it had been exploited in the wild as a zero-day. The security company urged customers to install a hotfix and, later on, a full-blown patch to prevent infection.<\/p>\n<p>According to <a href=\"https:\/\/vulncheck.com\/blog\/sophos-cve-2022-3236\">recently published research<\/a>, more than 4,400 servers running the Sophos firewall remain vulnerable. That accounts for about 6 percent of all Sophos firewalls, security firm VulnCheck said, citing figures from a search on Shodan.<\/p>\n<p>\u201cMore than 99% of Internet-facing Sophos Firewalls haven&#8217;t upgraded to versions containing the official fix for CVE-2022-3236,\u201d VulnCheck researcher Jacob Baines wrote. \u201cBut around 93% are running versions that are eligible for a hotfix, and the default behavior for the firewall is to automatically download and apply hotfixes (unless disabled by an administrator). It\u2019s likely that almost all servers eligible for a hotfix received one, although mistakes do happen. That still leaves more than 4,000 firewalls (or about 6% of Internet-facing Sophos Firewalls) running versions that didn\u2019t receive a hotfix and are therefore vulnerable.\u201d<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>The researcher said he was able to create a working exploit for the vulnerability based on technical descriptions in <a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2022\/10\/19\/cve-2022-3236-sophos-firewall-user-portal-and-web-admin-code-injection\">this advisory<\/a> from the Zero Day Initiative. The research&#8217;s implicit warning: Should exploit code become public, there\u2019s no shortage of servers that could be infected.<\/p>\n<p>Baines urged Sophos firewall users to ensure they\u2019re patched. He also advised users of vulnerable servers to check for two indicators of possible compromise. The first is the log file located at: \/logs\/csc.log, and the second is \/log\/validationError.log. When either contains the_discriminator field in a login request, there likely was an attempt, successful or otherwise, to exploit the vulnerability, he said.<\/p>\n<p>The silver lining in the research is that mass exploitation isn\u2019t likely because of a CAPTCHA that must be completed during authentication by web clients.<\/p>\n<p>\u201cThe vulnerable code is only reached after the CAPTCHA is validated,\u201d Baines wrote. \u201cA failed CAPTCHA will result in the exploit failing. While not impossible, programmatically solving&nbsp;CAPTCHAs is a high hurdle for most attackers. Most Internet-facing Sophos Firewalls appear to have the login CAPTCHA enabled, which means, even at the most opportune times, this vulnerability was unlikely to have been successfully exploited at scale.\u201d<\/p>\n<p>In a statement, Sophos officials wrote: &#8220;Sophos&nbsp;took immediate steps to remediate this issue with an automated hotfix sent out in September 2022. We also alerted users who don&#8217;t receive automatic hotfixes to apply the update themselves.&nbsp;The remaining 6% of the Internet-facing versions that Baines is guestimating in his article are running old, unsupported version of the software. This is a good opportunity to remind these users, as well as all users of any type of outdated software, to follow best security practices and upgrade to the most recent version available, like Sophos does on a regular basis with its customers.&#8221;<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34226\/More-Than-4-400-Sophos-Firewall-Servers-Remain-Vulnerable-To-Critical-Exploits.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":50216,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[968],"class_list":["post-50215","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-18T15:53:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/01\/exploit-800x534.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits\",\"datePublished\":\"2023-01-18T15:53:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/\"},\"wordCount\":554,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg\",\"keywords\":[\"headline,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/\",\"name\":\"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg\",\"datePublished\":\"2023-01-18T15:53:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/","og_locale":"en_US","og_type":"article","og_title":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-01-18T15:53:23+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/01\/exploit-800x534.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits","datePublished":"2023-01-18T15:53:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/"},"wordCount":554,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/01\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg","keywords":["headline,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/","url":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/","name":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/01\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg","datePublished":"2023-01-18T15:53:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/01\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/01\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/more-than-4400-sophos-firewall-servers-remain-vulnerable-to-critical-exploits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflaw\/"},{"@type":"ListItem","position":3,"name":"More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50215"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50215\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/50216"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}