CVE-2021-20016: Zero-Day Vulnerability in SonicWall Secure Mobile Access (SMA) Exploited in the Wild
Tenable
FEBRUARY 4, 2021
Look for anomalous requests to: /cgi-bin/management That do not also have a preliminary request to: /__api__/v1/logon (200) /__api__/v1/logon/ /authenticate Indicating auth bypass. Virtual (Azure, AWS, ESXi, HyperV). Rich Warren (@buffaloverflow) January 31, 2021. Ease of exploitation akin to vulnerabilities in F5 and Citrix.
Let's personalize your content