CVE-2018-9866
CRITICAL EXPLOITED IN THE WILDSonicWall Global Management System < 8.1 - Remote Code Execution via XML-RPC Parameter Injection
Title source: llmExploitation Summary
CVE-2018-9866 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://twitter.com/ddouhine/status/1019251292202586112
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/rapid7/metasploit-framework/pull/10305
Third Party Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0007
Scores
CVSS v3
9.8
EPSS
0.1123
EPSS Percentile
93.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2018-10-27
InTheWild.io
2018-09-07
CWE
CWE-20
CWE-77
Status
published
Products (1)
sonicwall/global_management_system
< 8.1
Published
Aug 03, 2018
Tracked Since
Feb 18, 2026