Security News > 2024 > January > More than 178,000 SonicWall firewalls are exposed to old denial of service bugs

More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims.

"SSD Labs previously stated that in both cases, cybercrims are"tasked with exploiting a stack overflow vulnerability to cause the DoS - remotely carried out by sending a malicious HTTP request.

With reference to the RCE, SonicWall's advisory from 2022 states: "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service or potentially results in code execution in the firewall."

Fortunately for SonicWall customers, there is no evidence to suggest either of the vulnerabilities are under active exploitation, although a proof-of-concept exploit that works against both has been developed by SSD Labs and is available online, contrary to SonicWall's advisory.

Chinese cyberspies were spotted targeting unpatched SonicWall gear less than a year ago, and Charles Carmakal, CTO at Mandiant, said at the time that vulnerabilities in firewalls are typically among the most targeted.

CVE-2023-0656 only leads to a DoS, which is difficult for a cybercriminal to monetize, and he guessed achieving RCE with CVE-2022-22274 would likely be too difficult in comparison with the other lucrative and easy-to-exploit RCE vulnerabilities up for grabs.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/16/more_than_178000_sonicwall_firewalls/