CVE-2016-9684

Name of the Vulnerable Software and Affected Versions SonicWall Secure Remote Access server version 8.1.0.2-14sv

Description The issue is related to the viewcert CGI component in the web administrative interface, specifically the /cgi-bin/viewcert API endpoint. It is caused by a lack of input sanitization, allowing an attacker to inject commands remotely using the CERT variable. This can lead to the execution of arbitrary commands, resulting in shell access to the remote machine under the nobody user account.

Recommendations For version 8.1.0.2-14sv, consider disabling the viewcert CGI component or restricting access to the /cgi-bin/viewcert API endpoint until a patch is available. Avoid using the CERT variable in the affected API endpoint to minimize the risk of exploitation.