CVE-2023-44221 Information

Description

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a ’nobody’ user potentially leading to OS Command Injection Vulnerability.

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018