QwikSec

Security Database

CVE

CWE

Training

CVE-2024-45316

Published: Oct 11, 2024

Modified: Oct 11, 2024

PUBLISHED

Description

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.

Vendor	Product	Versions
SonicWall	Connect Tunnel	affected `12.4.3.271 and earlier versions`

Weaknesses (CWE)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.