Dell SonicWALL appliances – Vulnerability notification

A web script vulnerability was detected in Dell SonicWALL SonicOS affecting our firewall line of appliances. The vulnerability is limited to a single page in the graphical user interface and is only possible when the firewall is accessed by the administrator (see Issue Summary below).

Affected Dell SonicWALL Firewall Appliances:

  • Tz 100 / TZ 100 Wireless
  • TZ 105 / TZ 105 Wireless
  • TZ 200 / TZ 200 Wireless
  • TZ 205 / TZ 205 Wireless
  • TZ 210 / TZ 210 Wireless
  • TZ 215 / TZ 215 Wireless
  • NSA 220 / NSA 220 Wireless
  • NSA 240
  • NSA 250M / NSA 250M Wireless
  • NSA 2400
  • NSA 3500
  • NSA 4500
  • NSA 5000
  • NSA E-Class 5500
  • NSA E-Class 6500
  • NSA E-Class 7500
  • NSA E-Class 8500
  • NSA E-Class 8510

Affected Software Versions:

  • SonicOS 5.8.1.0 through 5.8.1.8

Issue Summary

The vulnerability can allow a specifically constructed POST request to execute a malicious script code in the context of an administrative session in the web browser. This occurs when the administrator is logged into the firewall and the attacker issues a POST request to a specific page on the firewall from the administrator’s PC. Successful exploitation of the vulnerability can result in session hijacking and unexpected behavior.

Resolution

Dell SonicWALL recommends customers running 5.8.1.8, or previous 5.8.1.x versions, to upgrade to version 5.8.1.9 which is available from www.mySonicWALL.com. A current support contract is not required.

Additional Information

Please contact Dell SonicWALL Global Support Services

1 Comment on "Dell SonicWALL appliances – Vulnerability notification"

  1. I noticed your website’s ranking in google’s search results is very low.
    You are loosing a lot of traffic. You need hi Page Rank backlinks to rank in top 10.

    I know – buying them is too expensive. It’s better to own them.
    I know how to do that, simply google it:
    Polswor’s Backlinks Source

Leave a comment

Your email address will not be published.


*


Get Adobe Flash player Plugin by wpburn.com wordpress themes