This Metasploit module exploits a vulnerability found in Dell SonicWall Scrutinizer. While handling the 'q' parameter, the PHP application does not properly filter the user-supplied data, which can be manipulated to inject SQL commands, and then gain remote code execution. Please note that authentication is NOT needed to exploit this vulnerability.
2fd37f85b3b97b8f8c3c3028dc3ce694832b09af2ec361d954d869e453380a88Dell SonicWALL Scrutinizer version 9.0.1 suffers from a remote SQL injection vulnerability.
51f8331d268be99ec1bf0765163b49d3c86e2071fd657509a74930a28343e6f9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed