CVE-2023-34127

CVE-2023-34127

Vendor Sonicwall

Product GMS

Weakness CWE-78

Published July 13, 2023

Last update April 23, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Key dates

02Disclosure timeline

July 13, 2023 CVE published

April 23, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-34127

Related vulnerabilities

Identifiers

CVE CVE-2023-34127

CWE CWE-78

Affected versions

Vendor Sonicwall

Product GMS

Affected 9.3.2-SP1 and earlier versions

Vendor Sonicwall

Product Analytics

Affected 2.5.0.4-R7 and earlier versions

01Description

02Disclosure timeline

03References

04Related CVE