CVE-2014-8420

SonicWALL Analyzer < 7.2 SP2 - Authenticated Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8420. PoCs published by Michael Flanders, kernelsmith, including Metasploit module exploits/unix/sonicwall/sonicwall_xmlrpc_rce.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated command injection vulnerability in SonicWall Global Management System Virtual Appliance via XML-RPC. The exploit sends a malicious XML payload to trigger command execution in the context of the vulnerable service.

Description

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Michael Flanders, kernelsmith · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/sonicwall/sonicwall_xmlrpc_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits an unauthenticated command injection vulnerability in SonicWall Global Management System Virtual Appliance via XML-RPC. The exploit sends a malicious XML payload to trigger command execution in the context of the vulnerable service.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below

No auth needed

Prerequisites: Network access to port 21009 on the target · Target running vulnerable SonicWall GMS version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

https://support.software.dell.com/product-notification/136814

VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/98911

Third Party Advisory, VDB Entry x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-14-385/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/71241

Scores

EPSS 0.7381

EPSS Percentile 98.8%

Details

CWE

CWE-20

Status published

Products (3)

sonicwall/analyzer 7.2 sp1

sonicwall/global_management_system 7.2 sp1

sonicwall/uma_em5000

Published Nov 25, 2014

Tracked Since Feb 18, 2026