First published: Wed Feb 22 2017(Updated: )
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL certificate information. The CGI application doesn't properly escape the information it's passed in the 'CERT' variable before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SonicWall Secure Remote Access | =8.1.0.2-14sv |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-9684 is classified as a critical severity vulnerability due to its potential for remote command injection.
To fix CVE-2016-9684, upgrade the SonicWall Secure Remote Access Server to a version higher than 8.1.0.2-14sv that addresses this vulnerability.
The risks include unauthorized remote access and control over the affected SonicWall device, leading to potential data breaches.
CVE-2016-9684 affects SonicWall Secure Remote Access Server version 8.1.0.2-14sv.
The exploit method for CVE-2016-9684 involves sending crafted requests to the 'viewcert' CGI component to execute arbitrary commands on the server.