.. / CVE-2019-7481

Exploit for SonicWall SRA 4600 VPN - SQL Injection (CVE-2019-7481)

Description:

The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authentication SQL injection vulnerability.

Nuclei Template

View the template here CVE-2019-7481.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-7481.yaml

References:

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016
https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
https://nvd.nist.gov/vuln/detail/CVE-2019-7481
https://www.crowdstrike.com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481/