Vulnerability in Sonicwall Netextender

CVE-2015-4173

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain…

EPSS: 0.003 (56.9th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Netextender
N/a — versions n/a

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

cve@mitre.org (VDB Entry, Third Party Advisory, x_refsource_MISC)
20150824 Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation (mailing-list, x_refsource_BUGTRAQ, Third Party Advisory, VDB Entry)
1033417 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Broken Link)