SonicWall.SSL.VPN.NetExtender.ActiveX.Access
Description
This indicates an attempt to exploit a vulnerability in SonicWALL's SSL-VPN Client.
This vulnerability is caused by an error in the "FileDelete" and "AddRouteEntry" methods in the "WebCacheCleaner" and "NELaunchCtrl" ActiveX Controls. It allows remote attackers to delete arbitrary files or execute arbitrary code via a crafted web page.
Affected Products
SonicWALL SSL-VPN 1.3.0.3
Impact
System Compromise: remote attackers can delete arbitrary files or execute arbitrary code.
Recommended Actions
Refer to the vendor's websit for suggested workround.
http://www.sonicwall.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |