SonicWall.SMA.Viewcert.Auth.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in SonicWall SMA100 management interface.
This vulnerability is due to insufficient validation of the CERT field. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could lead to arbitrary code execution in the security context of SYSTEM.
Affected Products
SMA 100 Series (SMA 200, 210, 400, 410, 500v) 9.0.0.11-31sv, 10.2.0.8-37sv, 10.2.1.1-19sv
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |