Comments
-
Same here buggy software, horrible support and to much security related vulnerabilities. Functionality is fine if it is working.... We also start to move to another vendor
-
Hi, sorry for the delay. @BWC thanks for testing and sharing @Ajishlal Firewall is not a Sonicwall. We are using a Cisco Firepower running on the latest recommended version. We also did a test with an pfsense firewall. Always the same bad results. We also tried a web server behind the Firewall for SSL throuput testing and…
-
Hi, yes, I can confirm this issue. It is also not working on our SMA
-
Sonicwall can protect you from APTs but they can not protect there own system for a simple blind sql injection :) That's all information i need. Just say nothing says it all... Just have a quick look at the end of the post from a well known security researcher and ex member of the known Lulzsec hacking group Sonicwall…
-
I would try to ask Ollie Whitehouse or Rich Warren on twitter. They found the vulnerability (NCCGroupInfosec). They have properly more information about as sonicwall. It looks like sonicwall is "overwhelmed" https://mobile.twitter.com/ollieatnccgroup https://mobile.twitter.com/buffaloverflow
-
@BWC if your WAF is still enabled. You should still see the prevenation of the attack (Monitor under WAF)
-
@stf First i would remove your dst IP :) Additional the Source-IP is from OVH a hoster. I would write them an abuse e-mail to abuse@ovh.ca
-
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session-related information. This vulnerability impacted SMA100 build version 10.x.
-
Perfect you released a hotfix. Unfortunately the bugs we reported are back. We ran on a private build.
-
UPDATE: FEBRUARY 2, 2021, 11. P.M. CST The SMA 100 series 10.x patch announced yesterday to address the zero-day vulnerability is still undergoing final testing and our new estimate for delivery is early Feb. 3 (PST). Meanwhile, we have identified an additional mitigation to remediate the attack on the SMA 100 series 10.x…
-
Hotfix? EOB 02.02.2021? Which timezone? CST?
-
@BWC hopefully they will give us some more information soon. I have also some additional questions but I will wait until the releases the fix. I think they are putting all their strength into the fix at the moment.
-
Sounds for me as a general authentication problem not related to an interface: "For user-level auth bypass (either via the VPN client or web), look for requests to: /cgi-bin/sslvpnclient /cgi-bin/portal without a prior request to: /cgi-bin/userLogin (for VPN client) or for web: /__api__/v1/logon (200)…
-
Hi on Twitter you can find some additional information. https://mobile.twitter.com/buffaloverflow/status/1355874671347044354?s=21
-
Hi, which Firmware version are you using? We are also using GeoIP Filter and blocking some counties including the US but it is a SMA200. GeoIP-Blokcing is working without any issues. We are on Firmware 10.2.0.3-24sv