7 matches found
watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities CVE-2024-38475 & CVE-2023-44221 potentially leading to full system takeover…...
VulnCheck KEV: CVE-2023-44221
SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user...
CVE-2023-44221
creationtimestamp| type| source ---|---|--- 2023-12-24 15:26:20+00:00| seen| https://t.me/ctinow/159038 2025-04-30 16:18:31+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114427816217281348 2025-04-30 18:14:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14107 2025-05-01...
CVE-2023-44221
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...
CVE-2023-44221
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...
CVE-2023-44221
The CVE-2023-44221 entry concerns SonicWall SMA100 appliances with the SSL-VPN management interface. A vulnerability in improper neutralization of special elements allows a remote authenticated attacker with administrative privileges to inject arbitrary commands as a nobody user, enabling OS Comm...
CVE-2023-44221
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a ‘nobody’ user, potentially leading to OS Command Injection Vulnerability. Recent assessments: Assessed...