CVE-2016-9682

Name of the Vulnerable Software and Affected Versions SonicWall Secure Remote Access server version 8.1.0.2-14sv

Description The issue is related to the diagnostics component of the CGI application in the web administrative interface, specifically the /cgi-bin/diagnostics endpoint. It is caused by a lack of input data sanitization, allowing a remote attacker to execute arbitrary commands using the tsrDeleteRestartedFile and currentTSREmailTo variables. This can lead to remote command injection, potentially giving shell access to the machine under the nobody user account.

Recommendations For version 8.1.0.2-14sv, consider disabling the /cgi-bin/diagnostics endpoint as a temporary workaround until a patch is available. Restrict access to the diagnostics component to minimize the risk of exploitation. Avoid using the tsrDeleteRestartedFile and currentTSREmailTo variables in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.