A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Email_security | Sonicwall | * | 10.0.9.6103 (excluding) |
Hosted_email_security | Sonicwall | * | 10.0.9.6103 (excluding) |