EIP-6a6472ab
A remote code execution vulnerability exists in SonicWall SMA 100 Series and SMA 500v Series due to a heap buffer overflow in the ‘extensionsetting’ endpoint. A remote, authenticated attacker can send crafted HTTP POST requests to execute code on vulnerable targets as the ‘nobody’ user.
Vulnerability Identifiers
- Exodus Intelligence: EIP-6a6472ab
- MITRE: CVE-2022-2915
Vulnerability Metrics
- CVSSv2 Score: 6.0
Vendor References
Discovery Credit
- Sergi Martinez (Exodus Intelligence)
Disclosure Timeline
- Disclosed to affected vendor: April 21st, 2022
- Disclosed to public: January 12th, 2023
Further Information
Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at sales@exodusintel.com.
Researchers who are interested in monetizing their 0Day and NDay can work with us through our Research Sponsorship Program (RSP).