SonicWall SMA 100: CVE-2021-20044: Post-Authentication Remote Code Execution (RCE)

A high severity vulnerability (CVSS 7.2) in SMA 100 appliances, which includes SMA 200, 210, 400, 410 and 500v could allow a Remote authenticated attacker to execute system commands as ‘nobody’, the attacker can modify/delete files in the cgi-bin directory and also able to reboot system remotely. It was observed that the SMA100 appliances with WAF licensed/enabled are also impacted by this vulnerability. This Vulnerability is due to an exposed Management API which is written in Python Flask. Remote authenticated attacker can execute system commands as ‘nobody’ user in the SMA100 appliance. There is no evidence that this vulnerability is being exploited in the wild. SonicWall strongly urges that organizations follow the guidance below to patch SMA 100 series products, which include SMA 200, 210, 400, 410 and 500v.