Dell SonicWALL Secure Mobile Access SMA 8.1 XSS And WAF CSRF
Vendor: Dell Inc.
Product web page: https://www.sonicwall.com/products/secure-mobile-access/
Affected version: 8.1 (SSL-VPN)
Summary: Keep up with the demands of today's remote workforce. Enable secure
mobile access to critical apps and data without compromising security. Choose
from a variety of scalable secure mobile access (SMA) appliances and intuitive
Mobile Connect apps to fit every size business and budget.
Desc: SonicWALL SMA suffers from a cross-site scripting (XSS) issue caused by a
failure to properly sanitize user-supplied input to several parameters. An
attacker can exploit this weakness to execute arbitrary HTML and script code in
a user's browser session in the context of the affected site. The appliance's
web application firewall (WAF) did not block the payload when it was delivered
through a form-based CSRF request.
Tested on: SonicWALL SSL-VPN Web Server
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic