製品・ソフトウェアに関する情報

JVN脆弱性詳細

Dell SonicWALL Secure Remote Access サーバの Web 管理インターフェースにおけるリモートコマンドインジェクションの脆弱性

Title	Dell SonicWALL Secure Remote Access サーバの Web 管理インターフェースにおけるリモートコマンドインジェクションの脆弱性
Summary	Dell SonicWALL Secure Remote Access サーバの Web 管理インターフェースの 'extensionsettings' CGI (/cgi-bin/extensionsettings) コンポーネントには、リモートコマンドインジェクションの脆弱性が存在します。ベンダは、本脆弱性を Issue ID 181195 として公開しています。
Possible impacts	nobody ユーザアカウントにより、リモートコマンドを挿入され、リモートマシンにシェルでアクセスされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Nov. 30, 2016, midnight
Registration Date	March 13, 2017, 3:37 p.m.
Last Update	March 13, 2017, 3:37 p.m.

Affected System

デル

Dell SonicWALL Secure Remote Access 8.1.0.2-14sv

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-9683	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9683
National Vulnerability Database (NVD)
2	CVE-2016-9683	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9683

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-77	https://cwe.mitre.org/data/definitions/77.html

ベンダー情報

No	Name	URL
SonicWALL
1	SonicWALL SMA 100 Series 8.1.0.7 - Release Notes	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868

Change Log

No	Changed Details	Date of change
0	[2017年03月13日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2016-9683

Summary	The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server's internal configurations. The CGI application doesn't properly escape the information it's passed when processing a particular multi-part form request involving scripts. The filename of the 'scriptname' variable is read in unsanitized before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195.
Publication Date	Feb. 22, 2017, 2:59 p.m.
Registration Date	Jan. 26, 2021, 2:20 p.m.
Last Update	Nov. 21, 2024, 12:01 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:dell:sonicwall_secure_remote_access_server:8.1.0.2-14sv:::::::*

Related information, measures and tools

No	URL	タグ
1	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868	Release Notes Vendor Advisory
2	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868	Release Notes Vendor Advisory
3	http://pastebin.com/eJbeXgBr
4	http://pastebin.com/eJbeXgBr
5	http://www.securityfocus.com/bid/96375
6	http://www.securityfocus.com/bid/96375
7	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0004
8	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2016-0004

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-77	コマンドインジェクション	https://cwe.mitre.org/data/definitions/77.html