SonicWall Patches Critical CVE-2021-20026 Vulnerability in NSM Product

 

A researcher at Positive Technologies has provided details about CVE-2021-20026, a command injection flaw affecting SonicWall’s Network Security Manager (NSM). The flaw is rated with an 8.8 severity score and was patched in May 2021. SonicWall advised users to 'immediately' fix the post-authentication vulnerability, which impacts on-premises versions of the NSM multi-tenant firewall management solution and can be abused through specially crafted HTTP requests sent to the susceptible application. An attacker could exploit the flaw to execute arbitrary commands on the underlying operating system with root privileges.

The security flaw was discovered by Nikita Abramov, a researcher at Russian cybersecurity firm Positive Technologies, who explains that the flaw exists due to improper validation of input data which is directly passed to the operating system for processing.

Abramov explained that an attacker with authorization in NSM with a minimum level of privileges could potentially exploit the flaw to compromise the product. Threat actors can exploit this flaw to inject OS commands, giving them access to all the features that the vulnerable on-premises SonicWall NSM platform has to offer, as well as to the entire underlying operating system.

NSM is a firewall management application that provides the ability to monitor and manage all network security services from a single interface, as well as to automate tasks to improve security operations. The product is available for on-premises deployments or as a SaaS offering.

“A successful attack on a vulnerable device requires authorization in NSM with a minimum level of privileges. SonicWall NSM allows centralized management of hundreds of devices. Tampering with this system may negatively impact ..
