CVE-2023-44221: Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative...

0.0 CVSS

Description

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Classification

CVE ID: CVE-2023-44221

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: SonicWall

Product: SMA100

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.14% (probability of being exploited)

EPSS Percentile: 50.87% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018

Timeline

2024-12-03 00:11:35 UTC
CVE

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative...