CVE-2022-1703

Description

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack.

Affected products

• SonicWall / SMA10010.2.1.4-31sv and earlier – 10.2.1.4-31sv and earlier
• SonicWall / SMA10010.2.0.9-41sv and earlier – 10.2.0.9-41sv and earlier

References

• VENDOR_ADVISORYhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0010