CRITICAL VULNERABILITY IN SONICWALL SMA 100 APPLIANCES
A critical severity vulnerability (CVSS 9.8) in SMA 100 appliances, which includes SMA 200, 210, 400, 410 and 500v could allow a remote unauthenticated attacker to cause Stack-based Buffer Overflow and would result in code execution as the nobody user in the SMA100 appliance.
The Vulnerability is due to the SonicWall SMA SSLVPN Apache httpd server GET method of mod_cgi module environment variables use a single stack-based buffer using `strcat`. This allows remote attacker to cause Stack-based Buffer Overflow and would result in code execution.
The CCB recommends to all System administrators to upgrade vulnerable devices to the latest versions released by the vendor (the patch adressing this vulnerability also fix other vulnerabilities as well, notably - CVE-2021-20039, CVE-2021-20040, CVE-2021-20041, CVE-2021-20042, CVE-2021-20043, CVE-2021-20044, CVE-2021-20045).