SonicWall SonicOS SSH Management Server-Side Request Forgery Vulnerability
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in the SonicOS SSH management interface. It allows a remote attacker who is logged into the firewall to make the appliance open TCP connections to any IP address and port. The issue affects multiple SonicWall firewall products across different generations and versions.
Impact
Exploitation of this vulnerability allows for server-side request forgery, enabling attackers to make unauthorized requests from the server to internal or external resources.
Remediation
Users are advised to update to the latest patched versions available. For Gen6 hardware firewalls, the fixed version is 6.5.5.1-6n and higher. For Gen7 firewalls and NSv, the fixed versions are 7.0.1-5165 and higher or 7.1.3-7015 and higher. For TZ80, the fixed version is 8.0.0-8037 and higher. If an immediate update is not possible, consider disabling SSH management access from the Internet.
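As an added example that is not part of this advisory, the check below classifies a SonicOS firmware string against the fixed builds listed above, for use in a fleet inventory audit. It assumes the "release-build[letter]" version layout (e.g. 6.5.5.1-6n, 7.0.1-5165), branch-by-branch comparison for Gen7 (7.0.x against 7.0.1-5165, 7.1.x against 7.1.3-7015), and reports versions on branches the advisory does not name as not covered rather than as patched.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed builds quoted in the advisory; mapping each to a release-branch
# prefix is an assumption made for this example.
FIXED = {
    (6,): "6.5.5.1-6n",    # Gen6 hardware firewalls
    (7, 0): "7.0.1-5165",  # Gen7 firewalls and NSv, 7.0.x branch
    (7, 1): "7.1.3-7015",  # Gen7 firewalls and NSv, 7.1.x branch
    (8,): "8.0.0-8037",    # TZ80
}

# "release-build" where build is digits with an optional trailing letter
# suffix (Gen6 uses builds such as "6n"; Gen7/TZ80 use plain numbers).
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)([a-z]*)$")

Parsed = Tuple[Tuple[int, ...], int, str]


def parse_version(text: str) -> Parsed:
    """Split a SonicOS version into (release tuple, build number, suffix)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version string: {text!r}")
    release = tuple(int(part) for part in m.group(1).split("."))
    return release, int(m.group(2)), m.group(3)


def is_patched(version: str) -> Optional[bool]:
    """True if at or above the fixed build for its branch, False if below,
    None if the advisory names no fixed build for that branch."""
    parsed = parse_version(version)
    for prefix, fixed in FIXED.items():
        if parsed[0][:len(prefix)] == prefix:
            # Tuple comparison: release first, then build number, then suffix.
            return parsed >= parse_version(fixed)
    return None


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map hostname -> 'patched' | 'vulnerable' | 'not-covered'."""
    labels = {True: "patched", False: "vulnerable", None: "not-covered"}
    return {host: labels[is_patched(ver)] for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = {"fw-branch-1": "6.5.4.4-44v", "fw-hq": "7.0.1-5165",
              "fw-dc": "7.1.2-7019", "fw-edge": "8.0.0-8037"}
    for host, status in audit(sample).items():
        print(f"{host}: {status}")
```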
