CVE-2015-4173 - Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before

CVE-2015-4173

Summary

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

References

Vulnerable Configurations

cpe:2.3:a:sonicwall:netextender:-:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:-:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:7.5:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:7.5:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:7.5.226:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:7.5.226:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:8.0:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:8.0:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:8.0.236:*:*:*:*:windows:*:*
cpe:2.3:a:sonicwall:netextender:8.0.236:*:*:*:*:windows:*:*

CVSS

Base:	6.9 (as of 05-08-2020 - 15:04)
Impact:
Exploitability:

CWE

CWE-428

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20150824 Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation
confirm	https://support.software.dell.com/product-notification/157537
misc	http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html
sectrack	1033417

Last major update

05-08-2020 - 15:04

Published

26-08-2015 - 19:59

Last modified

05-08-2020 - 15:04