Over 178,000 SonicWall firewalls nonetheless susceptible to previous flaws

[ad_1]

Web scans reveal susceptible SonicWall units

The Bishop Fox researchers needed to scan the web and decide how most of the SonicWall firewalls with their administration interfaces uncovered have URI paths which are nonetheless susceptible to CVE-2022-22274 and CVE-2023-0656. Nevertheless, probing for these points through the use of the actual exploit causes units to crash and the researchers needed to keep away from that.

After analyzing how the firewalls responded to requests to the susceptible URI paths, the researchers discovered a crash-safe approach to carry out the check and inform patched units other than non-patched ones, or units that didn’t have the susceptible elements within the first place. They wrote a scanner in Python after which ran it in opposition to an inventory of units recognized as SonicWall firewalls within the knowledge set from BinaryEdge, an organization that runs common internet-wide scans.

“We exported the complete knowledge set from BinaryEdge, extracted HTTPS URLs, filtered the listing to IPv4 (for simplicity – it was a negligible distinction), and eliminated duplicate entries,” the researchers mentioned. “We then wrote a easy script to check reachability and examine the response headers. After filtering our outcomes on this method, we ended up with a goal set of 234,720 units.”

After operating their crash-free assessments, the researchers discovered that 146,116, or 62% of the units, had been susceptible to CVE-2022-22274 and that 178,608 (76%) had been susceptible to CVE-2023-0656.

“At this cut-off date, an attacker can simply trigger a denial of service utilizing this exploit, however as SonicWall famous in its advisories, a possible for distant code execution exists,” the researchers mentioned. “Whereas it could be attainable to plan an exploit that may execute arbitrary instructions, extra analysis is required to beat a number of challenges, together with PIE, ASLR, and stack canaries.”

Organizations operating SonicWall firewalls are strongly urged to improve their firmware to the most recent accessible model and to limit entry to the web-based administration interface, particularly from the web.

[ad_2]

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Consuleria is a leading provider of digital forensic investigations, cybersecurity, and data protection services. Our team of experts has the skills and experience to conduct investigations on both a national and international scale, including support for homeland security efforts.

Consuleria is committed to providing the highest level of security for its clients. We offer a comprehensive range of services, including security assessment and penetration testing, all of which are conducted in accordance with the highest industry standards.

 

Useful Links

Contact Us

Legal Headquarter:
Via Papa Giovanni XXIII Albenga (Sv) – ITALY
Phone: +39 393 33 58 136
Email (general): info [at] consuleria [dot] com
Email (legal): legal.office[at] consuleria [dot] com
Email (administration): amministrazione [at] consuleria [dot] com

2023 © All Rights Reserved. Privacy Policy   – P.Iva IT01871640098