Vulnerabilities for Sonicwall secure remote access server (...) - CXSECURITY.COM

Vulnerabilities for
'Sonicwall secure remote access server'

2017-02-22

CVE-2016-9684

CWE-77

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL certificate information. The CGI application doesn't properly escape the information it's passed in the 'CERT' variable before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.

CVE-2016-9683

CWE-77

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server's internal configurations. The CGI application doesn't properly escape the information it's passed when processing a particular multi-part form request involving scripts. The filename of the 'scriptname' variable is read in unsanitized before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195.

CVE-2016-9682

CWE-77

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't properly escape the information passed in the 'tsrDeleteRestartedFile' or 'currentTSREmailTo' variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.

>>> Vendor: DELL 195 Products

Truemobile 1300 wlan mini-pci card util trayapplet

Truemobile 2300 wireless broadband router

Remote access card

Dellsystemlite.scanner activex control

Kace k2000 systems deployment appliance

Powervault ml6000 firmware

Powervault ml6000

Powervault ml6010

Powervault ml6020

Powervault ml6030

Wyse device manager

Sonicwall scrutinizer

Sonicwall scrutinizer with flow analytics module

Sonicwall viewpoint

Openmanage server administrator

Powerconnect 6248p

Idrac6 firmware

Latitude e6400 atg

Latitude e6400 atg xfr

Precision m2300

Precision m2400

Precision m4300

Precision m4400

Precision m6300

Precision m6400

Precision m6500

Idrac6 monolithic

Idrac7 firmware

Quest one password manager

Sonicwall analyzer

Sonicwall global management system

Sonicwall universal management appliance e5000 software

Sonicwall universal management appliance e5000

Powerconnect 3348

Powerconnect 3524p

Powerconnect 5324

Kace k1000 systems management appliance software

Kace k1000 systems management virtual appliance

Kace k1000 systems management appliance

Kace k1100s systems management appliance

Kace k1200s systems management appliance

Sonicwall network security appliance 2400

Sonicwall email security

Sonicwall umaem5000

Equallogic ps4000 firmware

Sonicwall sonicos

Sonicwall secure remote access firmware

Sonicwall umaem5000 firmware

Netvault backup

Sonicwall netextender firmware

Sonicwall totalsecure tz 100 firmware

Pre-boot authentication driver

Sonicwall uma em5000 firmware

Idrac8 firmware

Sonicwall secure remote access server

Integrated remote access controller firmware

Storage manager 2016

Emc supportassist enterprise

Emc vmax embedded management

Emc isilon onefs

Emc integrated data protection appliance

Emc vnx1 operating environment

See all Products for Vendor DELL

Copyright 2024, cxsecurity.com