Connect with us

Hi, what are you looking for?


Email Security

Hackers Can Hijack Dell Email Security Appliances

Dell has patched several vulnerabilities in its SonicWALL Email Security product, including four high severity issues that can be exploited to take control of a system and intercept corporate emails.

Dell has patched several vulnerabilities in its SonicWALL Email Security product, including four high severity issues that can be exploited to take control of a system and intercept corporate emails.

Researchers at Digital Defense have analyzed the SonicWALL Email Security virtual appliance and discovered vulnerabilities that can lead to command injection, arbitrary file deletion, denial-of-service (DoS) and information disclosure.

According to the security firm, an unauthenticated attacker can easily access backup files, including a settings file that contains an SHA-1 hash of the administrator account password. Some potentially sensitive files can also be accessed via an XML External Entity (XXE) injection attack.

Experts also found an issue related to a feature that can be used to send backup files to a remote FTP server. This function can be enabled by creating an FTP profile that includes the server’s address, port, username, password and destination path. The problem is that user input is not properly validated in some of these fields, allowing an authenticated attacker to inject arbitrary commands.

Attackers can also abuse a feature designed for adding and deleting compliance dictionaries to delete any file from the host running the SonicWALL Email Security software. This could lead to a DoS condition.

The vulnerable appliance is often configured for external access, allowing remote attackers to combine the authentication bypass and command execution flaws to take complete control of the device and leverage it to capture inbound and outbound corporate emails.

The vulnerabilities discovered by Digital Defense were patched earlier this month with the release of SonicWALL Email Security OS 8.3.2, which also addresses several other flaws.

Advertisement. Scroll to continue reading.

This is not the first time Digital Defense researchers have found vulnerabilities in SonicWALL products. In July, the company disclosed six weaknesses in the Dell SonicWALL Global Management System (GMS).

Related Reading: EMC Patches Critical Flaws in VMAX Storage Products

Related Reading: Attackers Can Target Enterprises via GroupWise Collaboration Tool

Related Reading: Cisco Forgets to Remove Testing Interface From Security Appliance

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.