exploitDog

GHSA-29h3-7qgp-vff3

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.

Ссылки

EPSS

Процентиль: 94%

0.11744

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20

CWE-77

Связанные уязвимости

CVE-2018-9866

CVSS3: 9.8

nvd

больше 7 лет назад

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.

EPSS

Процентиль: 94%

0.11744

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20

CWE-77