A remote code execution vulnerability exists in SonicWall SMA 100 Series and SMA 500v Series due to a heap buffer overflow in the ‘extensionsetting’ endpoint. A remote, authenticated attacker can send crafted HTTP POST requests to execute code on vulnerable targets as the ‘nobody’ user.
- Exodus Intelligence: EIP-6a6472ab
- MITRE: CVE-2022-2915
- CVSSv2 Score: 6.0
- Sergi Martinez (Exodus Intelligence)
- Disclosed to affected vendor: April 21st, 2022
- Disclosed to public: January 12th, 2023
Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at firstname.lastname@example.org.
Researchers who are interested in monetizing their 0Day and NDay can work with us through our Research Sponsorship Program (RSP).