E18-0qlm1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
4
Year:
2018
Description
This strike exploits a remote code execution on SonicWall Global Management System. The vulnerability is due to lack of string sanitization when updating the systems timezone via a crafted XML file. An attacker exploiting the flaw has complete access to the system as the root user.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}