Rewterz Threat Advisory – Multiple VMware vCenter Vulnerabilities

September 26, 2021

Rewterz Threat Advisory – CVE-2021-36749 – Apache Druid Vulnerability

September 27, 2021

Rewterz Threat Advisory – CVE-2021-20034 – SonicWall SMA 100 series appliances

September 27, 2021

Severity

High

Analysis Summary

CVE-2021-20034

SonicWall SMA 100 series appliances could allow a remote attacker to bypass security restrictions, caused by an improper limitation of a file path to a restricted directory. By sending a specially crafted request, an attacker could exploit this vulnerability to delete arbitrary files from a SMA 100 series appliance and possibly gain administrator access to the device.

Impact

Security Bypass

Affected Vendors

Sonicwall

Affected Products

SonicWall SMA 200 9.0.0.10-28sv
SonicWall SMA 200 10.2.0.7-34sv
SonicWall SMA 200 10.2.1.0-17sv
SonicWall SMA 210 9.0.0.10-28sv

Remediation

Refer to SonicWall Security Advisory for patch, upgrade or suggested workaround information.

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0021

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple VMware vCenter Vulnerabilities

Rewterz Threat Advisory – CVE-2021-36749 – Apache Druid Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.