CVSS: 10.0EPSS: 13%CPEs: 10EXPL: 0CVE-2016-2397 – Dell SonicWALL GMS Virtual Appliance Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-2397
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. La implementación de cliserver en Dell SonicWALL GMS, Analyzer y UMA EM5000 7.2, 8.0 y 8.1 en versiones anteriores a Hotfix 168056 permite a atacantes remotos deserializar y ejecutar código Java arbitrario a través de datos XML manipulados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell SonicWALL GMS Virtual Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cliserver implementation, which accepts, deserializes, and executes XML-encoded, serialized Java code. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. • http://www.securitytracker.com/id/1035015 http://www.zerodayinitiative.com/advisories/ZDI-16-163 https://support.software.dell.com/product-notification/185943 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4173
https://notcve.org/view.php?id=CVE-2015-4173
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. Vulnerabilidad en búsqueda de directorio sin entrecomillar en Windows en el valor autorun en Dell SonicWall NetExtender en versiones anteriores a 7.5.227 y 8.0.x en versiones anteriores a 8.0.238, tal como se utiliza en el firmware SRA en versiones anteriores a 7.5.1.2-40sv y 8.x en versiones anteriores a 8.0.0.3-23sv, permite a usuarios locales obtener privilegios a través de un Troyano en la carpeta %SYSTEMDRIVE%. • http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html http://www.securityfocus.com/archive/1/536303/100/0/threaded http://www.securitytracker.com/id/1033417 https://support.software.dell.com/product-notification/157537 • CWE-428: Unquoted Search Path or Element •
CVSS: 9.0EPSS: 13%CPEs: 4EXPL: 0CVE-2015-3990 – Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-3990
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration. La aplicación web GMS ViewPoint (GMSVP) en Dell Sonicwall GMS, Analyzer, y UMA EM5000 anterior a 7.2 SP4 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de vectores relacionados con la configuración. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Dell SonicWALL Global Management System (GMS) virtual appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the GMS ViewPoint (GMSVP) web application. The issue lies in the handling of configuration input due to a failure to safely sanitize user data before executing a command. • http://www.securityfocus.com/bid/74756 http://www.securitytracker.com/id/1032373 http://www.zerodayinitiative.com/advisories/ZDI-15-231 https://support.software.dell.com/product-notification/152178 • CWE-19: Data Processing Errors •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 2CVE-2015-2248 – Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2015-2248
Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark. Vulnerabilidad de CSRF en el portal del usuario en los productos Dell SonicWALL Secure Remote Access (SRA) con firmware anterior a 7.5.1.0-38sv y 8.x anterior a 8.0.0.1-16sv permite a atacantes remotos secuestrar la autenticación de usuarios para solicitudes que crean favoritos a través de una solicitud manipulada a cgi-bin/editBookmark. • https://www.exploit-db.com/exploits/36940 http://packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html http://www.scip.ch/en/?vuldb.75111 http://www.securityfocus.com/bid/73098 http://www.securitytracker.com/id/1032227 https://support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2015-3447
https://notcve.org/view.php?id=CVE-2015-3447
Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter. Múltiples vulnerabilidades de XSS en macIpSpoofView.html en Dell SonicWall SonicOS 7.5.0.12 y 6.x permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro (1) searchSpoof o (2) searchSpoofIpDet. • http://seclists.org/fulldisclosure/2015/Apr/97 http://www.securityfocus.com/archive/1/535393/100/0/threaded http://www.securityfocus.com/bid/74406 http://www.securitytracker.com/id/1032204 http://www.vulnerability-lab.com/get_content.php?id=1359 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •