March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – The Fake Security Advisory Promotes the Installation of Backdoor Plugins for WordPress – Active IOCs
December 8, 2023Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs
December 11, 2023Rewterz Threat Alert – The Fake Security Advisory Promotes the Installation of Backdoor Plugins for WordPress – Active IOCs
December 8, 2023Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs
December 11, 2023
Severity
Medium
Analysis Summary
CVE-2023-5970 CVSS:6.3
SonicWall SMA100 SSL-VPN could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication in the virtual office portal. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass multifactor authentication and obtain access.
CVE-2023-44221 CVSS:7.2
SonicWall SMA100 SSL-VPN could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of user-supplied input. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Security Bypass
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-5970
- CVE-2023-44221
Affected Vendors
Sonicwall
Affected Products
- SonicWall SMA100 SSL-VPN 10.2.1.9-57sv
Remediation
Refer to SonicWall Security Advisory for patch, upgrade or suggested workaround information.