CVE-2016-9683

Name of the Vulnerable Software and Affected Versions SonicWall Secure Remote Access server version 8.1.0.2-14sv

Description The vulnerability occurs in the 'extensionsettings' CGI component, specifically in the /cgi-bin/extensionsettings API endpoint, which handles internal server configurations. It is caused by the lack of input sanitization, allowing remote command injection through the scriptname variable. Exploitation of this issue yields shell access to the remote machine under the nobody user account.

Recommendations For version 8.1.0.2-14sv, as a temporary workaround, consider disabling the /cgi-bin/extensionsettings API endpoint until a patch is available. Restrict access to the extensionsettings CGI component to minimize the risk of exploitation. Avoid using the scriptname variable in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.