Security Alert (A22-07-16): Vulnerability in SonicWall Products
25 July 2022
SonicWall has released a security advisory to address an unauthenticated SQL injection vulnerability in SonicWall Analytics and GMS products. A remote unauthenticated attacker could exploit the vulnerability by sending specially crafted requests to an affected system.
SonicWall Analytics 18.104.22.168-2520 and earlier
SonicWall Global Management System (GMS) 9.3.1-SP2-Hotfix1 and earlier
Successful exploitation of the vulnerability could lead to data tampering, information disclosure, security restriction bypass or compromise of an affected system.
Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.