Remote Command Injection Vulnerability in SonicWall Secure Remote Access Server
CVE-2016-9683

9.8CRITICAL

Key Information:

Vendor
Dell
Status
Sonicwall Secure Remote Access Server
Vendor
CVE Published:
22 February 2017

Summary

The SonicWall Secure Remote Access server is susceptible to a Remote Command Injection vulnerability through its web administration interface. This flaw lies within the 'extensionsettings' CGI component, which inadequately sanitizes input from a certain multi-part form submission related to server configurations. The vulnerability allows an attacker to pass harmful commands via the 'scriptname' variable, leading to unauthorized shell access to the affected server under the 'nobody' user account. Prompt action is needed to mitigate risks associated with this security issue.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-201...
x_refsource_CONFIRM
http://documents.software.dell.com/sonicwall-sma-100-seri...
x_refsource_CONFIRM
http://pastebin.com/eJbeXgBr
x_refsource_MISC

EPSS Score

21% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.