vendor:
SMA 100 Series
by:
Jacob Baines
9.1
CVSS
CRITICAL
Password Reset
287
CWE
Product Name: SMA 100 Series
Affected Version From: 9.0.0.10-28sv
Affected Version To: 10.2.1.0-17sv
Patch Exists: YES
Related CWE: CVE-2021-20034
CPE: a:sonicwall:sonicwall_sma_100_series
Platforms Tested: SMA 500v using 9.0.0.10-28sv and 10.2.1.0-17sv
2021
SonicWall SMA 10.2.1.0-17sv – Password Reset
Overwrite the persistent database, resulting in password reset on reboot. The exploit is done by sending a PUT request to the vulnerable endpoint with a JSON payload containing the new password.
Mitigation:
Upgrade to the latest version of SonicWall SMA 10.2.1.0-17sv