Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-2248

EPSS 2.69% · P86
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-2248

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dell SonicWALL Secure Remote Access 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dell SonicWall Secure Remote Access(SRA)是美国戴尔(Dell)公司的一款Dell SonicWall安全移动访问解决方案中的SonicWALL安全远程访问系列设备。 使用7.5.1.0-38sv之前版本和8.0.0.1-16sv之前8.x版本固件的Dell SonicWALL SRA产品的用户访问入口中存在跨站请求伪造漏洞。远程攻击者可通过向cgi-bin/editBookmark URI发送特制的请求利用该漏洞创建书签。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-2248

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-2248

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-05-01 · 18 CVEs total

CVE-2015-3633多款Foxit产品资源管理错误漏洞
CVE-2014-8361Realtek SDK 输入验证错误
CVE-2015-1250Google Chrome 拒绝服务漏洞
CVE-2015-1243Google Chrome Blink 释放后重用漏洞
CVE-2015-0914EasyCTF 安全漏洞
CVE-2015-0913EasyCTF 跨站脚本漏洞
CVE-2015-0912EasyCTF 安全漏洞
CVE-2015-0712Cisco ASR 5000 StarOS 资源管理错误漏洞
CVE-2015-0532EMC RSA Identity Management and Governance 权限许可和访问控制漏洞
CVE-2014-3598Python Image Library Jpeg2KImagePlugin插件资源管理错误漏洞
CVE-2015-3632多款Foxit产品拒绝服务漏洞
CVE-2015-3446AlienVault Unified Security Management 远程代码执行漏洞
CVE-2015-3435Samsung Security Manager 远程代码执行漏洞
CVE-2015-3337Elasticsearch 路径遍历漏洞
CVE-2015-3153Haxx cURL和Libcurl 信息泄露漏洞
CVE-2015-0257Red Hat Enterprise Virtualization Manager 权限许可和访问控制问题漏洞
CVE-2015-0237Red Hat Enterprise Virtualization Manager 权限许可和访问控制问题漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-2248

No comments yet

Leave a comment