CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34130
https://notcve.org/view.php?id=CVE-2023-34130
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 https://www.sonicwall.com/support/notices/230710150218060 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34129 – SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-34129
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the InboundSyslogFile class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 https://www.sonicwall.com/support/notices/230710150218060 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34128
https://notcve.org/view.php?id=CVE-2023-34128
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 https://www.sonicwall.com/support/notices/230710150218060 • CWE-260: Password in Configuration File CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34127 – Sonicwall GMS 9.9.9320 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-34127
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 https://www.sonicwall.com/support/notices/230710150218060 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34126
https://notcve.org/view.php?id=CVE-2023-34126
Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 https://www.sonicwall.com/support/notices/230710150218060 • CWE-434: Unrestricted Upload of File with Dangerous Type •