CVE-2019-7483
HIGH WAF: High
CVSS 7.5
Published: 2019-12-19
CWE-22 CWE-22
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
WAF Coverage Analysis
Path Traversal
High WAF Coverage
OWASP: A01:2021 Broken Access Control
930xxx - Local File Inclusion
Path Traversal
High WAF Coverage
OWASP: A01:2021 Broken Access Control
930xxx - Local File Inclusion
Affected Software
| Vendor | Product | Version |
|---|---|---|
| sonicwall | sma_100_firmware | up to 9.0.0.4 |
References
- psirt.global.sonicwall.com (Vendor Advisory)
- www.cisa.gov (US Government Resource)