Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Sonicwall SMA100 操作系统命令注入漏洞
Vulnerability Description
Sonicwall SMA100是美国Sonicwall公司的一款安全访问网关设备。 SonicWall SMA100 系列存在操作系统命令注入漏洞,该漏洞源于 SMA100 管理界面中的输入验证不正确。远程用户可以向应用程序发送特制的请求,并作为“nobody”用户在目标系统上执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A