Researcher Describes Potential Impact of Recently Patched SonicWall NSM Flaw

Source
Advertisement


NSM is a firewall management application that provides the ability to monitor and manage all network security services from a single interface, as well as to automate tasks to improve security operations. The product is available for on-premises deployments or as a SaaS offering.

Tracked as CVE-2021-20026 and featuring a CVSS score of 8.8, the vulnerability was patched in May 2021. The security hole affects the on-premises versions of SonicWall NSM only and can be exploited through specially crafted HTTP requests sent to the vulnerable application.

Advertisement