Backdoor Account Found in Dell Network Security Products


Dell SonicWall equipment came/comes with a hidden account

Jul 20, 2016 21:04 GMT  ·  By Catalin Cimpanu

Security researchers have discovered six serious security issues that plague several Dell SonicWall products, one of which is a hidden account with easy-to-guess credentials.

US-based security firm Digital Defense, Inc. (DDI) found the issues and reported the problems to Dell, which has released patches to address all reported bugs today.

DDI says the issues are in the Dell SonicWALL Global Management System (GMS), a centralized management, reporting, and monitoring solution for SonicWALL appliances, such as the company’s VPNs and firewalls.

In an advisory (down, cached page) released today, DDI’s team reveals details about a hidden default account that uses an easily guessable password.

“This hidden account can be used to add non-administrative users via the CLI Client that can be downloaded from the Console interface of the GMS web application. The non-administrative user can then log into the web interfaces and change the password for the admin user, elevating their privilege to that of the admin user upon logging out and back in as the admin user with the new password. This would grant the attacker full control of the GMS interface and all attached SonicWALL appliances.”

“Five other issues discovered”

The research team also stumbled upon two unauthenticated root command injections that lead to RCE (remote code execution) with root privileges on Dell equipment.

Add to this two more unauthenticated XML External Entity Injection (XXE) bugs and another issue that allowed unauthenticated network configuration changes via the GMC service, and all of a sudden, you have a very good reason to apply Dell’s patches if running such equipment in your network.

Dell acknowledged all reports and issued patches today for all affected customers who are deploying the GMS platform.

It’s worth knowing that Dell is just the latest network equipment vendor caught with a backdoor on its devices, after the same happened to Fortinet and Juniper.

