Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-20038 PoC — Sonicwall SMA100 缓冲区错误漏洞

Source
https://github.com/vesperp/CVE-2021-20038-SonicWall-RCE
Associated Vulnerability
Title:Sonicwall SMA100 缓冲区错误漏洞 (CVE-2021-20038)
Description:A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
Readme
# SonicWallSSL-VPN_RCE
CVE-2021-20038

命令行传参
-h 查看帮助
-u 指定url
-f 指定file文件 

file内部的格式需添加http/https头
File Snapshot

 [4.0K]  /data/pocs/23275a9c2f2b096084a28e8ce2d3cb1404d7e438
├── [ 148]  README.md
├── [1.6K]  SonicWall-rebuild.py
└── [  19]  target.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →