Cloud Snooper
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:48
- Modified
- 21/12/2025 08:09
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 7 sectors, 4 countries, 9 indicators, 6 vulnerabilities (cve), 1 reports
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Sectors (7)
-
Technology targets
-
Healthcare targets
-
Government targets
-
Telecommunications targets
-
Energy targets
-
Defense targets
-
Finance targets
Countries (4)
-
British Indian Ocean Territory targets
-
China targets
-
Japan targets
-
India targets
Indicators (9)
-
sophosenterprisecenter.comindicatesstix 100/100 Revoked· Valid until 27/08/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 17/12/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 17/12/2024 · Source: AlienVault
-
filedownloaderservers.comindicatesstix 100/100 Revoked· Valid until 27/08/2025 · Source: AlienVault -
sophosfirewallupdate.comindicatesstix 100/100 Revoked· Valid until 27/08/2025 · Source: AlienVault -
sophosproductupdate.comindicatesstix 100/100 Revoked· Valid until 27/08/2025 · Source: AlienVault
Vulnerabilities (CVE) (6)
CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.
- Published
- 06/02/2025
- Modified
- 21/12/2025
Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.
- Published
- 06/02/2025
- Modified
- 21/12/2025
- Published
- 20/12/2025
- Modified
- 21/12/2025
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
- Published
- 31/03/2022
- Modified
- 21/12/2025
A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.
- Attack vector
- Network
- Published
- 23/09/2022
- Modified
- 27/05/2026
Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User …
- Published
- 03/11/2021
- Modified
- 21/12/2025