SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.
CPE | Name | Operator | Version |
---|---|---|---|
email_security_virtual_appliance | le | 10.0.9 |