CVE-2021-20039: OS Command Injection
First published: Wed Dec 08 2021(Updated: )
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall SMA 200 firmware | =9.0.0.11-31sv | |
| SonicWall SMA 200 firmware | =10.2.0.8-37sv | |
| SonicWall SMA 200 firmware | =10.2.1.1-19sv | |
| SonicWall SMA 200 firmware | ||
| SonicWall SMA 210 | =9.0.0.11-31sv | |
| SonicWall SMA 210 | =10.2.0.8-37sv | |
| SonicWall SMA 210 | =10.2.1.1-19sv | |
| SonicWall SMA 210 Firmware | ||
| SonicWall SMA 410 | =9.0.0.11-31sv | |
| SonicWall SMA 410 | =10.2.0.8-37sv | |
| SonicWall SMA 410 | =10.2.1.1-19sv | |
| SonicWall SMA 410 | ||
| SonicWall SMA 400 firmware | =9.0.0.11-31sv | |
| SonicWall SMA 400 firmware | =10.2.0.8-37sv | |
| SonicWall SMA 400 firmware | =10.2.1.1-19sv | |
| SonicWall SMA 400 firmware | ||
| SonicWall SMA 500v Firmware | =9.0.0.11-31sv | |
| SonicWall SMA 500v Firmware | =10.2.0.8-37sv | |
| SonicWall SMA 500v Firmware | =10.2.1.1-19sv | |
| SonicWall SMA 500v Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2021-20039.
What is the severity level of CVE-2021-20039?
The severity level of CVE-2021-20039 is critical with a score of 8.8.
Which Sonicwall devices are affected by CVE-2021-20039?
Sonicwall SMA 200, 210, 400, 410, and 500v appliances are affected by CVE-2021-20039.
How does CVE-2021-20039 allow an attacker to exploit the vulnerability?
CVE-2021-20039 allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user through the SMA100 management interface '/cgi-bin/viewcert' POST http method.
Are Sonicwall SMA 200, 210, 400, 410, and 500v appliances vulnerable to CVE-2021-20039?
Yes, Sonicwall SMA 200, 210, 400, 410, and 500v appliances are vulnerable to CVE-2021-20039.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sonicwall
- canonical/sonicwall sma 200 firmware
- version/sonicwall sma 200 firmware/9.0.0.11-31sv
- version/sonicwall sma 200 firmware/10.2.0.8-37sv
- version/sonicwall sma 200 firmware/10.2.1.1-19sv
- canonical/sonicwall sma 210
- version/sonicwall sma 210/9.0.0.11-31sv
- version/sonicwall sma 210/10.2.0.8-37sv
- version/sonicwall sma 210/10.2.1.1-19sv
- canonical/sonicwall sma 210 firmware
- canonical/sonicwall sma 410
- version/sonicwall sma 410/9.0.0.11-31sv
- version/sonicwall sma 410/10.2.0.8-37sv
- version/sonicwall sma 410/10.2.1.1-19sv
- canonical/sonicwall sma 400 firmware
- version/sonicwall sma 400 firmware/9.0.0.11-31sv
- version/sonicwall sma 400 firmware/10.2.0.8-37sv
- version/sonicwall sma 400 firmware/10.2.1.1-19sv
- canonical/sonicwall sma 500v firmware
- version/sonicwall sma 500v firmware/9.0.0.11-31sv
- version/sonicwall sma 500v firmware/10.2.0.8-37sv
- version/sonicwall sma 500v firmware/10.2.1.1-19sv