CVE-2019-7483
Published: 19 December 2019
Summary
CVE-2019-7483 is a high-severity Path Traversal (CWE-22) vulnerability in SonicWall SMA 100 firmware. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 2.2% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
In SonicWall SMA100 appliances, CVE-2019-7483 is an unauthenticated directory traversal vulnerability (CWE-22) in the handleWAFRedirect CGI component. The flaw lets remote attackers supply crafted path sequences that reveal whether arbitrary files exist on the underlying server. It carries a CVSS 3.1 base score of 7.5 because it is reachable over the network, low in attack complexity, requires no authentication, and has a high confidentiality impact.
An unauthenticated attacker with network access can invoke the affected CGI endpoint to perform file-existence probes across the filesystem. Successful traversal checks can disclose the presence of sensitive configuration files, scripts, or other resources, providing reconnaissance that may facilitate subsequent targeted attacks against the SMA100 device.
The issue is documented in SonicWall PSIRT advisory SNWLID-2019-0018 and appears in the CISA Known Exploited Vulnerabilities catalog, confirming observed real-world exploitation. Security practitioners should apply the patches or configuration updates referenced in the vendor advisory to eliminate the traversal vector.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2019-17025
Vulnerability details
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
- CWE(s): CWE-22 (Path Traversal)
- KEV Date Added: 28 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Enforces access control decisions on the handleWAFRedirect CGI so that unauthenticated directory traversal requests are denied before file-existence probes succeed.
- SI-10 (Information Input Validation): Requires validation of user-supplied path input to the CGI, rejecting traversal sequences that would otherwise reveal arbitrary file presence.
- Limits the set of actions the SMA100 may perform for unauthenticated users, directly restricting the file-existence test exposed by this vulnerability.
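The following is an added illustration of the SI-10 control above, not SonicWall code and not the fix shipped in the vendor advisory. It shows the shape of an input-validation guard that a CGI handler would apply before answering a file-existence query: the user-supplied path is percent-decoded (repeatedly, so double encoding is not smuggled through), absolute paths and parent-directory segments are rejected outright, and the resolved result is confirmed to lie inside an allowed base directory after symlink resolution. The function names (`safe_join`, `file_exists_in`, `demo`) and the sample directory layout are assumptions made for this example; `demo` builds its own constructed files in a temporary directory so the block runs offline.

```python
"""
Added example (not SonicWall's code): a path guard of the kind NIST SI-10
calls for, placed in front of a file-existence check so a CGI handler
cannot be used to probe arbitrary files on the appliance filesystem.
"""
import os
import posixpath
from urllib.parse import unquote


class PathTraversalError(ValueError):
    """Raised when user input would resolve outside the allowed directory."""


def safe_join(base_dir: str, user_path: str) -> str:
    """Return an absolute path under base_dir, or raise PathTraversalError.

    Order matters: decode first, reject structurally bad input second,
    and only then touch the filesystem for the final containment check.
    """
    # CGI parameters arrive percent-encoded. Decode until stable so that
    # double-encoded sequences (e.g. %252e) cannot bypass the checks below.
    decoded = user_path
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt

    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in path")

    # Treat backslashes as separators, then refuse absolute paths outright.
    decoded = decoded.replace("\\", "/")
    if decoded.startswith("/"):
        raise PathTraversalError("absolute path not allowed")

    # Refuse any '..' segment before doing any path arithmetic.
    if any(seg == ".." for seg in decoded.split("/")):
        raise PathTraversalError("parent-directory segment not allowed")

    normalised = posixpath.normpath(decoded)
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, normalised))

    # Containment check after symlink resolution: the resolved path must
    # still sit under the resolved base directory.
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise PathTraversalError("path escapes base directory")
    return candidate


def file_exists_in(base_dir: str, user_path: str) -> bool:
    """The guarded operation: only answers for paths inside base_dir."""
    return os.path.exists(safe_join(base_dir, user_path))


def demo() -> dict:
    """Exercise the guard against constructed inputs in a throwaway tree.

    Layout (constructed for this example):
        <tmp>/www/index.html   -- inside the allowed directory
        <tmp>/secret.conf      -- one level above it, must stay invisible
    """
    import tempfile

    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "www")
        os.makedirs(base)
        with open(os.path.join(base, "index.html"), "w") as fh:
            fh.write("ok")
        with open(os.path.join(root, "secret.conf"), "w") as fh:
            fh.write("x")

        probes = {
            "plain": "index.html",
            "dotdot": "../secret.conf",
            "encoded": "%2e%2e/secret.conf",
            "double_encoded": "%252e%252e%252fsecret.conf",
            "absolute": "/etc/hosts",
        }
        results = {}
        for name, probe in probes.items():
            try:
                results[name] = file_exists_in(base, probe)
            except PathTraversalError:
                results[name] = "rejected"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15s} -> {outcome}")
```

The guard is deliberately conservative: a path such as `sub/../index.html` is rejected even though it would resolve safely, because refusing every `..` segment is simpler to reason about than proving each one harmless. The realpath containment check is what catches escapes that the textual checks miss (symlinks inside the base directory pointing elsewhere), so neither half should be dropped in favour of the other. Note that this addresses SI-10 only; the AC-3 control above still requires the endpoint itself to demand authentication before any file-existence answer is returned.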