CyberSec.Space Logo
Back to CVE Browser

CVE-2016-9683

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile1.63th
PublishedFeb 22, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server's internal configurations. The CGI application doesn't properly escape the information it's passed when processing a particular multi-part form request involving scripts. The filename of the 'scriptname' variable is read in unsanitized before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195.

Affected Platforms (CPE)

πŸ’»
Dell

Sonicwall Secure Remote Access Server

= 8.1.0.2-14sv

References & Advisories

πŸ”— http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868
πŸ”— http://pastebin.com/eJbeXgBr
πŸ”— http://www.securityfocus.com/bid/96375
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0004
πŸ”— http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868
πŸ”— http://pastebin.com/eJbeXgBr
πŸ”— http://www.securityfocus.com/bid/96375
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0004

Related Vulnerabilities

CVE-2016-96829.8

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in ...

CVE-2016-96849.8

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its ...

CVE-2016-134310.0

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service ...

CVE-2016-103810.0

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader...