Warning: More than 178,000 SonicWall firewalls may be vulnerable to exploits

SonicWall Firewalls

More than 178,000 SonicWall firewalls exposed across the Internet can be exploited for at least one of two security flaws that can potentially be exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE) to cause.

“The two issues are fundamentally the same, but can be exploited on different HTTP URI paths due to reuse of a vulnerable code pattern,” said Jon Williams, a senior security engineer at Bishop Fox, said in a technical analysis shared with The Hacker News.

The affected vulnerabilities are listed below:

  • CVE-2022-22274 (CVSS Score: 9.4) – A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or possibly result in code execution in the firewall.
  • CVE-2023-0656 (CVSS Score: 7.5) – A stack-based buffer overflow vulnerability in SonicOS allows a remote, unauthenticated attacker to cause DoS, leading to a crash.

While there have been no reports of the flaws being exploited in the wild, a proof-of-concept (PoC) for CVE-2023-0656 has been made available. published by the SSD Secure Disclosure team April 2023.

1705416000 29 Warning More than 178000 SonicWall firewalls may be vulnerable to

The cybersecurity firm revealed that the issues could be weaponized by bad actors to cause repeated crashes and force the device into maintenance mode, requiring administrative action to restore normal functionality.

“Perhaps most surprising was the discovery that more than 146,000 publicly accessible devices are vulnerable to a bug published nearly two years ago,” Williams said.

The development comes as watchTowr Labs exposed multiple stack-based buffer overflow errors in the SonicOS management web interface and the SSL VPN portal, which could lead to a firewall crash.

To protect against possible threats, it is recommended to update to the latest version and ensure that the management interface is not exposed to the Internet.

#Warning #SonicWall #firewalls #vulnerable #exploits

Notify of
Inline Feedbacks
View all comments
Previous Post

Citrix, VMware and Atlassian suffer from critical errors: patch as soon as possible!

Next Post
Remcos RAT

Remcos RAT is spreading through adult games in a new wave of attacks

Related Posts