Back to CVE Browser

CVE-2016-9684

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1860%

EPSS Percentile22.11th

PublishedFeb 22, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL certificate information. The CGI application doesn't properly escape the information it's passed in the 'CERT' variable before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.

Affected Platforms (CPE)

💻

Dell

Sonicwall Secure Remote Access Server

= 8.1.0.2-14sv

References & Advisories

🔗 http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868

🔗 http://pastebin.com/g1e2qU6N

🔗 http://www.securityfocus.com/bid/96375

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0005

🔗 http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868

🔗 http://pastebin.com/g1e2qU6N

🔗 http://www.securityfocus.com/bid/96375

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0005

Related Vulnerabilities

CVE-2016-96829.8

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in ...

CVE-2016-96839.8

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its ...

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...

CVE-2016-193110.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial...