CVE-2017-12854

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-12854. PoCs published by SecuriTeam.

AI-analyzed exploit summary: This exploit demonstrates a path traversal vulnerability (CVE-2017-12854) in Sophos XG Firewall 16.05.4 MR-4, allowing authenticated users to download arbitrary files (e.g., /etc/passwd) via crafted requests. It also highlights a missing function-level access control, enabling low-privileged User Portal users to exploit the same vulnerability.

Description

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal

Exploits (1)

exploitdb WORKING POC
by SecuriTeam · webapps, hardware
https://www.exploit-db.com/exploits/44065

Classification
Working PoC (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Sophos XG Firewall 16.05.4 MR-4
Auth required
Prerequisites: Authenticated access to Sophos XG Firewall (admin or User Portal) · CSRF token extraction
devstral-2 · analyzed Feb 16, 2026

Details

Status: draft
Tracked Since: Feb 18, 2026