RCE Vulnerability Announcement KBA134582

Can someone from Sophos confirm if the Hot Fix for 17.5 MR9 was also pushed to 18EAP?



  • Yes. You can confirm the same by executing the following command from your v18 device shell access (option 5, then option 3):

    XG135_XN03_SFOS 18.0.0 EAP1-Refresh1# md5sum /bin/dropbear

    The output must show the value f2f938a6eccaf4a5114abeb2e0819c31, which means that SSH is on the latest version.


    Also, you can check the version of the hotfix that has been applied on your device from the console prompt (option 4):

    console> system diagnostics show version-info


    If it shows the hotfix version as 1, that means the latest version of the hotfix is installed on your device.

    Reference article showing information about the latest hotfix versions: https://community.sophos.com/kb/en-us/134853


    Hope this helps!
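
The two checks in the reply above, applied to several devices at once. This is an added example, not part of the original reply and not Sophos code. It assumes the operator has already collected one line per device in the form `<device-label> <md5 of /bin/dropbear> <reported hotfix version>`; that record format and the device labels are constructed for illustration, while the expected MD5 and hotfix version are the values quoted in the reply.

```shell
#!/bin/sh
# Record format (an assumption of this example, one device per line):
#   <device-label> <md5 of /bin/dropbear> <reported hotfix version>

EXPECTED_MD5="f2f938a6eccaf4a5114abeb2e0819c31"   # value quoted in the reply
EXPECTED_HOTFIX="1"                                # value quoted in the reply

# check_device LABEL MD5 HOTFIX: prints one verdict word for a single record.
check_device() {
    md5=$(printf '%s' "$2" | tr 'A-F' 'a-f')       # accept upper-case hex
    case "$md5" in
        *[!0-9a-f]*|"") echo "MALFORMED"; return ;;
    esac
    if [ "${#md5}" -ne 32 ]; then echo "MALFORMED"; return; fi
    if [ "$md5" != "$EXPECTED_MD5" ]; then echo "MD5_MISMATCH"; return; fi
    if [ "$3" != "$EXPECTED_HOTFIX" ]; then echo "HOTFIX_VERSION_MISMATCH"; return; fi
    echo "OK"
}

# audit_records: reads records on stdin, prints "label verdict" per device,
# and returns 1 if any device is not OK (usable as a gate in a runbook).
audit_records() {
    rc=0
    while read -r label md5 hotfix rest; do
        [ -z "$label" ] && continue
        case "$label" in \#*) continue ;; esac     # skip comment lines
        verdict=$(check_device "$label" "$md5" "$hotfix")
        printf '%s %s\n' "$label" "$verdict"
        [ "$verdict" = "OK" ] || rc=1
    done
    return "$rc"
}

# Constructed sample records (not real devices).
SAMPLE='fw-branch-01 f2f938a6eccaf4a5114abeb2e0819c31 1
fw-branch-02 F2F938A6ECCAF4A5114ABEB2E0819C31 1
fw-lab-03 00000000000000000000000000000000 1
fw-lab-04 f2f938a6eccaf4a5114abeb2e0819c31 0
fw-lab-05 f2f938a6 1'

printf '%s\n' "$SAMPLE" | audit_records || echo "at least one device needs attention"
```

A truncated or mistyped hash is reported as `MALFORMED` rather than as a mismatch, so a copy-and-paste error is not mistaken for an unpatched device.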