Vulnerability identifier: #VU61613
Vulnerability risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
SonicOS
Operating systems & Components /
Operating system
TZ270
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ270W
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ370
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ370W
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ470
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ470W
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ570
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ570W
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ570P
Hardware solutions /
Routers & switches, VoIP, GSM, etc
TZ670
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSa 2700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSa 3700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSa 4700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSa 5700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSa 6700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSsp 10700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSsp 11700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSsp 13700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 270
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 470
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 870
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSsp 15700
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 10
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 25
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 50
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 100
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 200
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 300
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 400
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 800
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NSv 1600
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: SonicWall
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote unauthenticated attacker can send a specially crafted HTTP request, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
SonicOS: 6.5.4.4-44v-21-955 - 7.0.1-R1456
TZ270: All versions
TZ270W: All versions
TZ370: All versions
TZ370W: All versions
TZ470: All versions
TZ470W: All versions
TZ570: All versions
TZ570W: All versions
TZ570P: All versions
TZ670: All versions
NSa 2700: All versions
NSa 3700: All versions
NSa 4700: All versions
NSa 5700: All versions
NSa 6700: All versions
NSsp 10700: All versions
NSsp 11700: All versions
NSsp 13700: All versions
NSv 270: All versions
NSv 470: All versions
NSv 870: All versions
NSsp 15700: All versions
NSv 10: All versions
NSv 25: All versions
NSv 50: All versions
NSv 100: All versions
NSv 200: All versions
NSv 300: All versions
NSv 400: All versions
NSv 800: All versions
NSv 1600: All versions
External links
http://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.