Details of VAR-201702-1032

ID

VAR-201702-1032

CVE

CVE-2016-9682

TITLE

Dell SonicWall Secure Remote Access Server Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2017-02335 // CNNVD: CNNVD-201702-802

DESCRIPTION

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't properly escape the information passed in the 'tsrDeleteRestartedFile' or 'currentTSREmailTo' variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. DellSonicWallSecureRemoteAccess is a SonicWALL Secure Remote Access Series appliance in the DellSonicWall Secure Mobile Access Solution. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application. Failed exploit attempts will result in a denial-of-service condition

Trust: 2.61

sources: NVD: CVE-2016-9682 // JVNDB: JVNDB-2016-007699 // CNVD: CNVD-2017-02335 // BID: 96375 // VULHUB: VHN-98502 // VULMON: CVE-2016-9682

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-02335

AFFECTED PRODUCTS

vendor:	dell	model:	sonicwall secure remote access server	scope:	eq	version:	8.1.0.2-14sv	Trust: 1.6
vendor:	dell	model:	sonicwall secure remote access	scope:	eq	version:	8.1.0.2-14sv	Trust: 0.8
vendor:	dell	model:	sonicwall secure remote access server 8.1.0.2-14sv	scope:	-	version:	-	Trust: 0.6
vendor:	dell	model:	sonicwall secure remote access 8.1.0.2-14sv	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	sonicwall secure remote access	scope:	ne	version:	8.1.0.7	Trust: 0.3

sources: CNVD: CNVD-2017-02335 // BID: 96375 // JVNDB: JVNDB-2016-007699 // CNNVD: CNNVD-201702-802 // NVD: CVE-2016-9682

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-9682
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-9682
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-02335
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201702-802
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-98502
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-9682
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-9682
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-02335
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-98502
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-9682
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-02335 // VULHUB: VHN-98502 // VULMON: CVE-2016-9682 // JVNDB: JVNDB-2016-007699 // CNNVD: CNNVD-201702-802 // NVD: CVE-2016-9682

PROBLEMTYPE DATA

problemtype:

CWE-77

Trust: 1.9

sources: VULHUB: VHN-98502 // JVNDB: JVNDB-2016-007699 // NVD: CVE-2016-9682

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-802

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201702-802

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007699

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-98502 // VULMON: CVE-2016-9682

PATCH

title:	SonicWALL SMA 100 Series 8.1.0.7 - Release Notes	url:	https://support.sonicwall.com/technical-documents/sonicwall-sma-100-series/8.1.0.7/release-notes#TOPIC-661386	Trust: 0.8
title:	DellSonicWallSecureRemoteAccess server command injection vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/89944	Trust: 0.6
title:	Dell SonicWall Secure Remote Access Server command injection vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68106	Trust: 0.6

sources: CNVD: CNVD-2017-02335 // JVNDB: JVNDB-2016-007699 // CNNVD: CNNVD-201702-802

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9682	Trust: 3.5
db:	BID	id:	96375	Trust: 2.1
db:	EXPLOIT-DB	id:	42342	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-007699	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-802	Trust: 0.7
db:	CNVD	id:	CNVD-2017-02335	Trust: 0.6
db:	PACKETSTORM	id:	143418	Trust: 0.1
db:	VULHUB	id:	VHN-98502	Trust: 0.1
db:	VULMON	id:	CVE-2016-9682	Trust: 0.1

sources: CNVD: CNVD-2017-02335 // VULHUB: VHN-98502 // VULMON: CVE-2016-9682 // BID: 96375 // JVNDB: JVNDB-2016-007699 // CNNVD: CNNVD-201702-802 // NVD: CVE-2016-9682

REFERENCES

url:	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?parentproduct=868	Trust: 2.1
url:	http://www.securityfocus.com/bid/96375	Trust: 1.3
url:	https://www.exploit-db.com/exploits/42342/	Trust: 1.3
url:	https://psirt.global.sonicwall.com/vuln-detail/snwlid-2016-0003	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9682	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9682	Trust: 0.8
url:	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9682	Trust: 0.6
url:	http://dell.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/77.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2017-02335 // VULHUB: VHN-98502 // VULMON: CVE-2016-9682 // BID: 96375 // JVNDB: JVNDB-2016-007699 // CNNVD: CNNVD-201702-802 // NVD: CVE-2016-9682

CREDITS

Dell

Trust: 0.3

sources: BID: 96375

SOURCES

db:	CNVD	id:	CNVD-2017-02335
db:	VULHUB	id:	VHN-98502
db:	VULMON	id:	CVE-2016-9682
db:	BID	id:	96375
db:	JVNDB	id:	JVNDB-2016-007699
db:	CNNVD	id:	CNNVD-201702-802
db:	NVD	id:	CVE-2016-9682

LAST UPDATE DATE

2025-04-20T23:20:05.981000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-02335	date:	2017-03-07T00:00:00
db:	VULHUB	id:	VHN-98502	date:	2018-10-17T00:00:00
db:	VULMON	id:	CVE-2016-9682	date:	2018-10-17T00:00:00
db:	BID	id:	96375	date:	2017-03-07T04:04:00
db:	JVNDB	id:	JVNDB-2016-007699	date:	2017-03-13T00:00:00
db:	CNNVD	id:	CNNVD-201702-802	date:	2017-02-23T00:00:00
db:	NVD	id:	CVE-2016-9682	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-02335	date:	2017-03-03T00:00:00
db:	VULHUB	id:	VHN-98502	date:	2017-02-22T00:00:00
db:	VULMON	id:	CVE-2016-9682	date:	2017-02-22T00:00:00
db:	BID	id:	96375	date:	2017-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2016-007699	date:	2017-03-13T00:00:00
db:	CNNVD	id:	CNNVD-201702-802	date:	2017-02-23T00:00:00
db:	NVD	id:	CVE-2016-9682	date:	2017-02-22T05:59:00.167