Remote Code Execution Vulnerability in SonicWall Global Management System
CVE-2018-9866
9.8CRITICAL
Key Information:
- Vendor
Sonicwall
- Vendor
- CVE Published:
- 3 August 2018
What is CVE-2018-9866?
A security deficiency exists in the SonicWall Global Management System (GMS) virtual appliance due to inadequate validation of user-supplied parameters in XML-RPC calls. This flaw can enable a remote attacker to execute arbitrary code, potentially compromising the system's integrity and leading to unauthorized operations. This vulnerability affects GMS version 8.1 and earlier, necessitating immediate attention to safeguard the environment.
Affected Version(s)
Global Management System (GMS) 8.1 and earlier