VYPR

SonicWall Scrutinizer

by Dell

CVEs (2)

  • CVE-2014-4977Jul 16, 2014
    risk 0.09cvss epss 0.75

    Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the (2) user_id parameter in the changeUnit…

  • CVE-2014-4976Jul 16, 2014
    risk 0.00cvss epss 0.03

    Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.