Exploit for SonicWall GMS and Analytics Web Services - Shell Injection (CVE-2023-34124)

Description:

The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS 9.3.2-SP1 and earlier versions, and Analytics 2.5.0.4-R7 and earlier versions.

Nuclei Template

View the template here: CVE-2023-34124.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-34124.yaml

References:

https://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis
https://github.com/getdrive/PoC/blob/main/2023/Sonicwall_Shell_Injection/sonicwall_shell_injection_cve_2023_34124.rb
https://raw.githubusercontent.com/rapid7/metasploit-framework/4b130f5be7590d04878f3bda37555e59e733324d/modules/exploits/multi/http/sonicwall_shell_injection_cve_2023_34124.rb
https://nvd.nist.gov/vuln/detail/CVE-2023-34124
https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060/