Unquoted Windows Search Path Vulnerability in Dell SonicWall NetExtender

Unquoted Windows Search Path Vulnerability in Dell SonicWall NetExtender

CVE-2015-4173 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

Learn more about our User Device Pen Test.