CVE-2016-9683

Description

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the extensionsettings CGI (/cgi-bin/extensionsettings) component responsible for handling some of the servers internal configurations. The CGI application doesnt properly escape the information its passed when processing a particular multi-part form request involving scripts. The filename of the scriptname variable is read in unsanitized before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

21.972

Associated Vulnerability

Vulnerability	OS Platform
Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability (CVE-2016-9683)	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234