Description
Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.
Related CPE's
o
sonicwall
sma_200_firmware
3
o
sonicwall
sma_210_firmware
3
o
sonicwall
sma_400_firmware
3
o
sonicwall
sma_410_firmware
3
a
sonicwall
sma_500v
3
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-09-27T18:15:08.383
3 years agoLast modified
2021-10-06T17:29:36.947
3 years ago