SonicWall.Email.Security.Branding.ZIP.Arbitrary.File.Upload
Description
This indicates an attack attempt to exploit an Arbitrary File Upload vulnerability in SonicWall Email Security.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted zip file. Successful exploitation could lead to remote code execution.
Affected Products
SonicWall On-premise Email Security (ES) 10.0.9 and earlier versions
SonicWall Hosted Email Security (HES) 10.0.9 and earlier versions
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0008
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |