CVE-2016-9682
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection
Public Exploits: 1
Exploited in Wild: -
Descriptions
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't properly escape the information passed in the 'tsrDeleteRestartedFile' or 'currentTSREmailTo' variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.
Sonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.
SSVC
- Decision: -
Timeline
- 2016-11-30 CVE Reserved
- 2017-02-22 CVE Published
- 2024-04-16 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/96375 | Vdb Entry | |
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0003 | X_refsource_confirm | |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/42342 | 2024-08-06 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Dell | Sonicwall Secure Remote Access Server | 8.1.0.2-14sv | - | Affected |