Vulnerability Description
Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as well as SSL VPN remote access.
Exposure and Impact
An unskilled attacker can use this flaw to cause a persistent denial of service condition. Tripwire VERT has also confirmed the ability to divert execution flow through stack corruption, indicating that a code execution exploit is likely feasible. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet. As of the date of discovery, a Shodan search for the affected HTTP server banner indicated 795,357 hosts.
SonicWall has indicated that the following versions are vulnerable:
SonicOS 6.5.4.7-79n and earlier
SonicOS 6.5.1.11-4n and earlier
SonicOS 6.0.5.3-93o and earlier
SonicOSv 6.5.4.4-44v-21-794 and earlier
SonicOS 7.0.0.0-1
Remediation & Mitigation
SonicWall has released updates to remediate this flaw. SSL VPN portals may be disconnected from the Internet as a temporary mitigation before the patch is applied.
SonicWall has indicated that the following versions include a fix for this issue:
SonicOS 6.5.4.7-83n
SonicOS 6.5.1.12-1n
SonicOS 6.0.5.3-94o
SonicOS 6.5.4.v-21s-987
Gen 7 7.0.0.0-2 and onwards
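As an added example (not part of the Tripwire or SonicWall advisory), the affected and fixed version lists above can be turned into a firmware inventory triage check. It assumes "and earlier" applies within the same three-part release branch and sends SonicOSv strings and unlisted branches to manual review; the host names are constructed.

```python
import re

# Last affected (sub, build) per release branch, from the advisory's list.
LAST_AFFECTED = {
    (6, 5, 4): (7, 79),   # 6.5.4.7-79n and earlier
    (6, 5, 1): (11, 4),   # 6.5.1.11-4n and earlier
    (6, 0, 5): (3, 93),   # 6.0.5.3-93o and earlier
}
GEN7_FIRST_FIXED = (7, 0, 0, 0, 2)  # "Gen 7 7.0.0.0-2 and onwards"

# Hardware firmware format: a.b.c.d-<build><optional letter>
VERSION_RE = re.compile(r"^(?:sonicos\s+)?(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+)[a-z]?$")


def triage(version):
    """Classify one firmware string as 'affected', 'fixed' or 'review'."""
    m = VERSION_RE.match(version.strip().lower())
    if not m:
        return "review"  # SonicOSv and unrecognised formats need a human
    major, minor, patch, sub, build = map(int, m.groups())
    if major == 7:
        full = (major, minor, patch, sub, build)
        return "fixed" if full >= GEN7_FIRST_FIXED else "affected"
    last = LAST_AFFECTED.get((major, minor, patch))
    if last is None:
        return "review"  # branch not named in the advisory
    return "affected" if (sub, build) <= last else "fixed"


def triage_inventory(inventory):
    """Group host names by triage result."""
    result = {"affected": [], "fixed": [], "review": []}
    for host, version in sorted(inventory.items()):
        result[triage(version)].append(host)
    return result


# Constructed inventory for illustration (host names are not real).
SAMPLE = {
    "fw-branch-01": "SonicOS 6.5.4.7-79n",
    "fw-branch-02": "6.5.4.7-83n",
    "fw-dc-01": "7.0.0.0-1",
    "fw-lab-v": "6.5.4.4-44v-21-794",
}

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE).items():
        print(f"{status:9} {', '.join(hosts) or '-'}")
```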
Detection
Tripwire IP360 starting with ASPL-909 contains remote heuristic detection of the vulnerable service.
Additional information about detecting possible attacks will be shared as needed after more system owners have had a chance to patch.
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010