Critical severity9.8NVD Advisory· Published Aug 3, 2018· Updated Jun 17, 2026
CVE-2018-9866
CVE-2018-9866
Description
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=8.1+ 1 more
- (no CPE)range: <=8.1
- (no CPE)range: 8.1 and earlier
Patches
Vulnerability mechanics
References
3- github.com/rapid7/metasploit-framework/pull/10305nvdExploitIssue TrackingThird Party Advisory
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007nvdThird Party Advisory
- twitter.com/ddouhine/status/1019251292202586112nvdThird Party Advisory
News mentions
0No linked articles in our index yet.