Two vulnerabilities in the User Portal of XG Firewall were recently discovered and responsibly disclosed to Sophos. They were reported through the Sophos bug bounty program by an external security researcher. Both were post-authentication command injection vulnerabilities, and both have been fixed.
The fix prevents authenticated users from remotely executing arbitrary code. There is no evidence that the vulnerabilities were exploited, and to our knowledge no customers are impacted.
No action is required for XG Firewall customers with the "Allow automatic installation of hotfixes" feature enabled; this feature is enabled by default.
A previous version of this article incorrectly stated that hotfixes were only released for v18.0 GA through MR1-Build396. It has been corrected to indicate that v18.0 MR2 received a hotfix as well.
Prism, thank you for your question. This was an error in the advisory. MR2 has received the hotfix as well, and I have updated the article accordingly.
Will this hotfix also be available on v18 MR-2?