Vulnerability Details : CVE-2014-4977
Public exploit exists!
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the (2) user_id parameter in the changeUnit function, (3) methodDetail parameter in the methodDetail function, or (4) xcNetworkDetail parameter in the xcNetworkDetail function in d4d/exporters.php.
Vulnerability category: Sql Injection
Products affected by CVE-2014-4977
- cpe:2.3:a:sonicwall:scrutinizer:11.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4977
96.47%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-4977
-
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Disclosure Date: 2014-07-24First seen: 2020-04-26exploit/multi/http/sonicwall_scrutinizer_methoddetail_sqliThis module exploits a vulnerability found in Dell SonicWALL Scrutinizer. The methodDetail parameter in exporters.php allows an attacker to write arbitrary files to the file system with an SQL Injection attack, and gain remote code execution under the context of SYSTEM
CVSS scores for CVE-2014-4977
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2014-4977
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4977
-
http://www.securityfocus.com/bid/68495
Dell SonicWALL Scrutinizer Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/137098/Dell-SonicWALL-Scrutinizer-11.01-methodDetail-SQL-Injection.html
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection ≈ Packet StormThird Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/127429/Dell-Sonicwall-Scrutinizer-11.01-Code-Execution-SQL-Injection.html
Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection ≈ Packet StormThird Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2014/Jul/44
Full Disclosure: Dell Scrutinizer 11.01 multiple vulnerabilitiesMailing List;Third Party Advisory
-
https://www.exploit-db.com/exploits/39836/
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection (Metasploit) - Multiple remote ExploitThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94439
Dell SonicWALL Scrutinizer exporters.php SQL injection CVE-2014-4977 Vulnerability ReportThird Party Advisory;VDB Entry
-
https://gist.github.com/brandonprry/76741d9a0d4f518fe297
scrutinizer_changeunit_sqli_exec.rb · GitHubExploit;Third Party Advisory
-
https://gist.github.com/brandonprry/36b4b8df1cde279a9305
gist:36b4b8df1cde279a9305 · GitHubThird Party Advisory
Jump to