Security News > 2024 > January > More than 178,000 SonicWall firewalls are exposed to old denial of service bugs

More than 178,000 SonicWall firewalls are exposed to old denial of service bugs
2024-01-16 17:02

More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims.

"SSD Labs previously stated that in both cases, cybercrims are"tasked with exploiting a stack overflow vulnerability to cause the DoS - remotely carried out by sending a malicious HTTP request.

With reference to the RCE, SonicWall's advisory from 2022 states: "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service or potentially results in code execution in the firewall."

Fortunately for SonicWall customers, there is no evidence to suggest either of the vulnerabilities are under active exploitation, although a proof-of-concept exploit that works against both has been developed by SSD Labs and is available online, contrary to SonicWall's advisory.

Chinese cyberspies were spotted targeting unpatched SonicWall gear less than a year ago, and Charles Carmakal, CTO at Mandiant, said at the time that vulnerabilities in firewalls are typically among the most targeted.

CVE-2023-0656 only leads to a DoS, which is difficult for a cybercriminal to monetize, and he guessed achieving RCE with CVE-2022-22274 would likely be too difficult in comparison with the other lucrative and easy-to-exploit RCE vulnerabilities up for grabs.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/16/more_than_178000_sonicwall_firewalls/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-03-02 CVE-2023-0656 Out-of-bounds Write vulnerability in Sonicwall Sonicos
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
network
low complexity
sonicwall CWE-787
7.5
2022-03-25 CVE-2022-22274 Out-of-bounds Write vulnerability in Sonicwall Sonicos
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
network
low complexity
sonicwall CWE-787
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153