SonicWall SMA-100 Unauth RCE
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
nobody.Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
AttackerKB
CVE-2021-20038 | AttackerKB
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to po…