Lucene search
MitreCVELIST:CVE-2016-9682HistoryFeb 22, 2017 - 5:00 a.m.
CVE-2016-9682
2017-02-2205:00:00
mitre
www.cve.org
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn’t properly escape the information passed in the ‘tsrDeleteRestartedFile’ or ‘currentTSREmailTo’ variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.
Related
dsquare
dsquare
Dell SonicWALL Secure Remote Access diagnostics RCE
2017-05-22 00:00:00
packetstorm
packetstorm
Sonicwall Secure Remote Access (SRA) 8.1.0.2-14sv Command Injection
2017-07-19 00:00:00
zdt
zdt
nvd
nvd
CVE-2016-9682
2017-02-22 05:59:00
cve
cve
CVE-2016-9682
2017-02-22 05:59:00
checkpoint_advisories
checkpoint_advisories
SonicWall Secure Remote Access Server Command Injection (CVE-2016-9682)
2020-12-06 00:00:00
prion
prion
Command injection
2017-02-22 05:59:00
exploitpack
exploitpack
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection
2017-07-19 00:00:00
exploitdb
exploitdb
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection
2017-07-19 00:00:00
openvas
openvas
Dell SonicWALL Secure Remote Access (SRA) Multiple RCE Vulnerabilities
2017-07-24 00:00:00