Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote malicious user to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sonicwall global management system |
||
sonicwall analytics |
||
sonicwall global management system 9.3.2 |