SonicWall

SonicOS Host Header Redirection Vulnerability

First Published:10/13/2021 Last Updated:10/28/2021

What is the vulnerability?
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. The following SonicWall products are impacted by this non-critical vulnerability:

PlatformsImpacted Version
TZ, NSa (GEN7)7.0.1-R1262 and older
NSv (Virtual GEN7)7.0.1-R1283 and older
NSsp (GEN7)7.0.1-R579 and older
NSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and older
NSsp 12K, SuperMassive 98006.5.1.12 and older
SuperMassive 10K6.0.5.3-94o and older
NSv (Virtual: VMWare/Hyper-V/AWS/Azure/KVM)All versions (virtual)
NSA, TZ, SOHO (GEN5)5.9.1.13 and older


Has this vulnerability been exploited in the wild?
No. There’s no indication that this vulnerability has been exploited. 

What steps do SonicWall customers and partners need to take?
SonicWall has advised customers and partners to upgrade SonicOS firmware to the patched versions below. 

Platforms: NSa, TZ, NSsp (GEN7)
SonicOS Impacted VersionSonicOS Patch Release
(Update to version or later)
NSa, TZ: 7.0.1-R1262 and older7.0.1-R1456
NSsp: 7.0.1-R579 and older7.0.1-5018-R1715


Platforms: NSv (Virtual: GEN7)
SonicOS Impacted Version SonicOS Patch Release
(Update to version or later)
7.0.1-R1283 and older7.0.1-5023-1349


Platforms: NSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)
SonicOS Impacted Version SonicOS Patch Release
(Update to version or later)
6.5.4.7 and older6.5.4.8-89n


Platforms: NSsp 12K, SuperMassive 9800
SonicOS Impacted Version SonicOS Patch Release
(Update to version or later)
6.5.1.12-3n and older6.5.1.13-1n


Platforms: SuperMassive 10k
SonicOS Impacted Version SonicOS Patch Release
(Update to version or later)
6.0.5.3-94o and olderNo patches


Platforms: NSv
(Virtual: VMWare/Hyper-V/AWS/Azure/KVM)
SonicOS Impacted Version:SonicOS Patch Release
(Update to version or later)
All versions (virtual)6.5.4.v_21s-1288


Platforms: NSA, TZ, SOHO (GEN5)
SonicOS Impacted Version SonicOS Patch Release
(Update to version or later)
5.9.1.13 and olderNo patches


Additional Resources:

Previous Alert
Security Notice: Critical Arbitrary File Delete Vulnerability in SonicWall SMA 100 Series Appliances
Next Alert
Email Security Junk Box & Message Log Update Issues - Y2K22 Bug
Empresa
RECURSOS POPULARES

Mantenha-se em Contato

  • Ao enviar este formulário, você concorda com nossos Termos de Uso e reconhece nossa Declaração de Privacidade. Você pode cancelar a assinatura a qualquer momento no Centro de preferências.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.

© 2024 SonicWall. All Rights Reserved.