Backdoor Account Found in Dell Network Security Products

July 20, 2016

Security researchers have discovered six serious security issues that plague several Dell SonicWall products, one of which is a hidden account with easy-to-guess credentials.

US-based security firm Digital Defense, Inc. (DDI) found the issues and reported the problems to Dell, which has released patches to address all reported bugs today.

DDI says the issues are in the Dell SonicWALL Global Management System (GMS), a centralized management, reporting, and monitoring solution for SonicWALL appliances, such as the company’s VPNs and firewalls.

According to an advisory released today, DDI’s team reveal details about a hidden default account that uses an easily guessable password.

“ This hidden account can be used to add non administrative users via the CLI Client that can be downloaded from the Console interface of the GMS web application. The non-administrative user can then log into the web interfaces and change the password for the admin user, elevating their privilege to that of the admin user upon logging out and back in as the admin user with the new password. This would grant the attacker full control of the GMS interface and all attached SonicWALL appliances. ”

Read full story…