CVE-2021-36807
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8.
Date published : 2021-11-26
https://www.sophos.com/en-us/security-advisories/sophos-sa-20211126-sg-sqli