Details of VAR-201702-1033

ID

VAR-201702-1033

CVE

CVE-2016-9683

TITLE

Dell SonicWALL Secure Remote Access Server Web Remote command injection vulnerability in management interface

Trust: 0.8

sources: JVNDB: JVNDB-2016-007700

DESCRIPTION

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server's internal configurations. The CGI application doesn't properly escape the information it's passed when processing a particular multi-part form request involving scripts. The filename of the 'scriptname' variable is read in unsanitized before a call to system() is performed - allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account. This is SonicWall Issue ID 181195. DellSonicWallSecureRemoteAccess is a SonicWALL Secure Remote Access Series appliance in the DellSonicWall Secure Mobile Access Solution. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application. Failed exploit attempts will result in a denial-of-service condition

Trust: 2.61

sources: NVD: CVE-2016-9683 // JVNDB: JVNDB-2016-007700 // CNVD: CNVD-2017-02472 // BID: 96375 // VULHUB: VHN-98503 // VULMON: CVE-2016-9683

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-02472

AFFECTED PRODUCTS

vendor:	dell	model:	sonicwall secure remote access server	scope:	eq	version:	8.1.0.2-14sv	Trust: 1.6
vendor:	dell	model:	sonicwall secure remote access 8.1.0.2-14sv	scope:	-	version:	-	Trust: 0.9
vendor:	dell	model:	sonicwall secure remote access	scope:	eq	version:	8.1.0.2-14sv	Trust: 0.8
vendor:	dell	model:	sonicwall secure remote access	scope:	ne	version:	8.1.0.7	Trust: 0.3

sources: CNVD: CNVD-2017-02472 // BID: 96375 // JVNDB: JVNDB-2016-007700 // CNNVD: CNNVD-201702-801 // NVD: CVE-2016-9683

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-9683
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-9683
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-02472
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201702-801
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-98503
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-9683
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-9683
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-02472
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-98503
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-9683
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-02472 // VULHUB: VHN-98503 // VULMON: CVE-2016-9683 // JVNDB: JVNDB-2016-007700 // CNNVD: CNNVD-201702-801 // NVD: CVE-2016-9683

PROBLEMTYPE DATA

problemtype:

CWE-77

Trust: 1.9

sources: VULHUB: VHN-98503 // JVNDB: JVNDB-2016-007700 // NVD: CVE-2016-9683

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-801

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201702-801

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007700

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-98503 // VULMON: CVE-2016-9683

PATCH

title:	SonicWALL SMA 100 Series 8.1.0.7 - Release Notes	url:	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?ParentProduct=868	Trust: 0.8
title:	Patch for DellSonicWallSecureRemoteAccess Server Command Injection Vulnerability (CNVD-2017-02472)	url:	https://www.cnvd.org.cn/patchInfo/show/90043	Trust: 0.6
title:	Dell SonicWall Secure Remote Access Server command injection vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68107	Trust: 0.6

sources: CNVD: CNVD-2017-02472 // JVNDB: JVNDB-2016-007700 // CNNVD: CNNVD-201702-801

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9683	Trust: 3.5
db:	BID	id:	96375	Trust: 2.1
db:	JVNDB	id:	JVNDB-2016-007700	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-801	Trust: 0.7
db:	CNVD	id:	CNVD-2017-02472	Trust: 0.6
db:	EXPLOIT-DB	id:	41415	Trust: 0.2
db:	PACKETSTORM	id:	141288	Trust: 0.1
db:	VULHUB	id:	VHN-98503	Trust: 0.1
db:	VULMON	id:	CVE-2016-9683	Trust: 0.1

sources: CNVD: CNVD-2017-02472 // VULHUB: VHN-98503 // VULMON: CVE-2016-9683 // BID: 96375 // JVNDB: JVNDB-2016-007700 // CNNVD: CNNVD-201702-801 // NVD: CVE-2016-9683

REFERENCES

url:	http://documents.software.dell.com/sonicwall-sma-100-series/8.1.0.7/release-notes/resolved-issues?parentproduct=868	Trust: 2.7
url:	http://www.securityfocus.com/bid/96375	Trust: 1.9
url:	https://psirt.global.sonicwall.com/vuln-detail/snwlid-2016-0004	Trust: 1.2
url:	http://pastebin.com/ejbexgbr	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9683	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9683	Trust: 0.8
url:	http://dell.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/77.html	Trust: 0.1
url:	https://www.exploit-db.com/exploits/41415/	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2017-02472 // VULHUB: VHN-98503 // VULMON: CVE-2016-9683 // BID: 96375 // JVNDB: JVNDB-2016-007700 // CNNVD: CNNVD-201702-801 // NVD: CVE-2016-9683

CREDITS

Dell

Trust: 0.3

sources: BID: 96375

SOURCES

db:	CNVD	id:	CNVD-2017-02472
db:	VULHUB	id:	VHN-98503
db:	VULMON	id:	CVE-2016-9683
db:	BID	id:	96375
db:	JVNDB	id:	JVNDB-2016-007700
db:	CNNVD	id:	CNNVD-201702-801
db:	NVD	id:	CVE-2016-9683

LAST UPDATE DATE

2025-04-20T23:20:05.943000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-02472	date:	2017-03-07T00:00:00
db:	VULHUB	id:	VHN-98503	date:	2018-10-17T00:00:00
db:	VULMON	id:	CVE-2016-9683	date:	2018-10-17T00:00:00
db:	BID	id:	96375	date:	2017-03-07T04:04:00
db:	JVNDB	id:	JVNDB-2016-007700	date:	2017-03-13T00:00:00
db:	CNNVD	id:	CNNVD-201702-801	date:	2017-02-23T00:00:00
db:	NVD	id:	CVE-2016-9683	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-02472	date:	2017-03-07T00:00:00
db:	VULHUB	id:	VHN-98503	date:	2017-02-22T00:00:00
db:	VULMON	id:	CVE-2016-9683	date:	2017-02-22T00:00:00
db:	BID	id:	96375	date:	2017-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2016-007700	date:	2017-03-13T00:00:00
db:	CNNVD	id:	CNNVD-201702-801	date:	2017-02-23T00:00:00
db:	NVD	id:	CVE-2016-9683	date:	2017-02-22T05:59:00.200