Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated malicious user to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sonicwall sma_200_firmware 9.0.0.11-31sv |
||
sonicwall sma_200_firmware 10.2.0.8-37sv |
||
sonicwall sma_200_firmware 10.2.1.1-19sv |
||
sonicwall sma_210_firmware 9.0.0.11-31sv |
||
sonicwall sma_210_firmware 10.2.0.8-37sv |
||
sonicwall sma_210_firmware 10.2.1.1-19sv |
||
sonicwall sma_410_firmware 9.0.0.11-31sv |
||
sonicwall sma_410_firmware 10.2.0.8-37sv |
||
sonicwall sma_410_firmware 10.2.1.1-19sv |
||
sonicwall sma_400_firmware 9.0.0.11-31sv |
||
sonicwall sma_400_firmware 10.2.0.8-37sv |
||
sonicwall sma_400_firmware 10.2.1.1-19sv |
||
sonicwall sma_500v_firmware 9.0.0.11-31sv |
||
sonicwall sma_500v_firmware 10.2.0.8-37sv |
||
sonicwall sma_500v_firmware 10.2.1.1-19sv |