SonicWall SMA 500v and SMA 100 Series Firmware Heap Buffer Overflow
January 12, 2023 2023-1-13 04:51:4 Author: blog.exodusintel.com(查看原文) 阅读量:14 收藏
January 12, 2023 2023-1-13 04:51:4 Author: blog.exodusintel.com(查看原文) 阅读量:14 收藏
EIP-6a6472ab
A remote code execution vulnerability exists in SonicWall SMA 100 Series and SMA 500v Series due to a heap buffer overflow in the ‘extensionsetting’ endpoint. A remote, authenticated attacker can send crafted HTTP POST requests to execute code on vulnerable targets as the ‘nobody’ user.
Vulnerability Identifiers
- Exodus Intelligence: EIP-6a6472ab
- MITRE: CVE-2022-2915
Vulnerability Metrics
- CVSSv2 Score: 6.0
Vendor References
Discovery Credit
- Sergi Martinez (Exodus Intelligence)
Disclosure Timeline
- Disclosed to affected vendor: April 21st, 2022
- Disclosed to public: January 12th, 2023
Further Information
Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at [email protected].
Researchers who are interested in monetizing their 0Day and NDay can work with us through our Research Sponsorship Program (RSP).
文章来源: https://blog.exodusintel.com/2023/01/12/sonicwall-sma-500v-and-sma-100-series-firmware-heap-buffer-overflow/?utm_source=rss&utm_medium=rss&utm_campaign=sonicwall-sma-500v-and-sma-100-series-firmware-heap-buffer-overflow
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh