A pre-authentication SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. The attack consists of a chain of Linux shell scripts hosted on an innocuous-sounding yet malicious domain, Sophos said. Sophos issued a hotfix this week for the issue, which affects both physical and virtual versions of the Sophos XG Firewall. Attackers have been targeting the firewalls using a zero-day exploit, according to the security firm.
Source: https://threatpost.com/hackers-zero-day-attacks-sophos-firewalls/155169/

