VYPR
High severity8.8NVD Advisory· Published Jul 13, 2023· Updated Jun 17, 2026

CVE-2023-34127

CVE-2023-34127

Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Affected products

4
  • Range: <=2.5.0.4-R7
  • SonicWall/GMSllm-fuzzy2 versions
    <=9.3.2-SP1+ 1 more
    • (no CPE)range: <=9.3.2-SP1
    • (no CPE)range: 9.3.2-SP1 and earlier versions
  • SonicWall/Analyticsv5
    Range: 2.5.0.4-R7 and earlier versions

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.