What the vulnerability does

01Description

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.

Key dates

02Disclosure timeline

August 3, 2018 CVE published
May 5, 2025 Record updated