SonicWall SMA 100: CVE-2021-20044: Post-Authentication Remote Code Execution (RCE)
Description
A high severity vulnerability (CVSS 7.2) in SMA 100 appliances, which includes SMA 200, 210, 400, 410 and 500v could allow a Remote authenticated attacker to execute system commands as ‘nobody’, the attacker can modify/delete files in the cgi-bin directory and also able to reboot system remotely. It was observed that the SMA100 appliances with WAF licensed/enabled are also impacted by this vulnerability. This Vulnerability is due to an exposed Management API which is written in Python Flask. Remote authenticated attacker can execute system commands as ‘nobody’ user in the SMA100 appliance. There is no evidence that this vulnerability is being exploited in the wild. SonicWall strongly urges that organizations follow the guidance below to patch SMA 100 series products, which include SMA 200, 210, 400, 410 and 500v.
Solution(s)
- sonicwall-sma-100-upgrade-10.2.0.9-41sv
- sonicwall-sma-100-upgrade-10.2.1.3-27sv
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center