Vendor: SonicWall Global Management System Virtual Appliance
By: Michael Flanders, kernelsmith
CVSS: 9 (CRITICAL)
Remote Code Execution
CWE
Product Name: SonicWall Global Management System Virtual Appliance
Affected Version From: 8.1 (Build 8110.1197) and below
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unix
2016

SonicWall Global Management System XMLRPC set_time_zone Unauth RCE

This module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below. These versions do not prevent unauthenticated, external entities from making XML-RPC requests to port 21009 of the virtual app. After the XML-RPC call is made, a shell script is called in a way that permits command injection.

Mitigation:

Apply the latest security patches provided by SonicWall. Restrict access to port 21009 of the virtual app to trusted IP addresses only.
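
The flaw described above is a request parameter reaching a shell script. As an added example (not code from SonicWall, the module or this page), this is one way a handler can validate a time zone value and run a script without a shell. The script path, the `--tz` flag and the zone allow-list are assumptions.

```python
import re
import subprocess

# Hypothetical script path and flag: the page does not name the script.
TIME_SCRIPT = "/usr/local/bin/set_time.sh"
# Constructed allow-list; a real handler would load names from the tz database.
KNOWN_ZONES = frozenset({"UTC", "Europe/Paris", "America/New_York"})
# Shape of a tz database name: letters, digits, "_", "+", "-", up to 3 parts.
TZ_SHAPE = re.compile(r"[A-Za-z0-9_+-]{1,32}(/[A-Za-z0-9_+-]{1,32}){0,2}")


def validate_time_zone(value, known=KNOWN_ZONES):
    """Return the zone name if acceptable, else raise ValueError."""
    if not isinstance(value, str):
        raise ValueError("time zone must be a string")
    if not TZ_SHAPE.fullmatch(value):
        raise ValueError("time zone has characters outside the allow-list")
    if value not in known:
        raise ValueError("unknown time zone")
    return value


def build_argv(value):
    """Build an argument vector: the value is one argv item, never shell text."""
    return [TIME_SCRIPT, "--tz", validate_time_zone(value)]


def set_time_zone(value, runner=subprocess.run):
    """Handler body: validate first, then execute without a shell."""
    argv = build_argv(value)
    # With shell=False no shell parses the value, so quotes, backticks and
    # ";" in a request parameter carry no special meaning.
    runner(argv, shell=False, check=True, timeout=10)
    return argv


if __name__ == "__main__":
    def fake_runner(argv, **kwargs):  # stands in for the script, runs nothing
        print("would exec:", argv)

    # Constructed request values: one valid, two that must be rejected.
    for sample in ("Europe/Paris", "UTC;echo constructed", "Mars/Olympus"):
        try:
            set_time_zone(sample, runner=fake_runner)
        except ValueError as err:
            print("rejected:", repr(sample), "-", err)
```

Validation and shell-free execution are independent controls here: the allow-list rejects unexpected values, and the argument vector keeps any value that does pass from being interpreted as shell syntax.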

Exploit-DB raw data: