CVE-2015-2248
SonicWALL Remote Access Firmware < 7.5.1.0-38sv - Cross-Site Request Forgery via Bookmark Creation
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-2248. PoCs published by Veit Hailperin.
AI-analyzed exploit summary: This exploit leverages a CSRF vulnerability in Dell SonicWALL SRA appliances to force a logged-in user to create a malicious bookmark, which then exfiltrates credentials to an attacker-controlled server. The PoC includes HTML forms for CSRF and a Metasploit listener setup for credential capture.
Description
Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark.