Get our weekly newsletter Nothing like topping off unauth'd remote code execution with a su password of ... password
Technical details and exploitation notes have been published for a remote-code-execution vulnerability in Sonicwall SMA 100 series VPN appliances.
The information was released today by infosec outfit Rapid7. This comes about a month after Sonicwall issued a patch for the security hole, which was discovered and privately disclosed by Rapid7's Jake Baines to Sonicwall in October.
If you haven't yet applied the update, now would be a good time before it's widely exploited. So far there ...