Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
History

Wed, 30 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2023-07-13T01:03:51.894Z

Updated: 2024-10-30T18:53:10.286Z

Reserved: 2023-05-25T22:45:46.851Z

Link: CVE-2023-34129

cve-icon Vulnrichment

Updated: 2024-08-02T16:01:54.159Z

cve-icon NVD

Status : Modified

Published: 2023-07-13T02:15:09.303

Modified: 2024-11-21T08:06:36.537

Link: CVE-2023-34129

cve-icon Redhat

No data.