CVE-2018-9866
Description
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliances, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.228
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability (CVE-2018-9866) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234