
Security researchers at Bishop Fox have disclosed detailed exploitation methods for a critical vulnerability (CVE-2024-53704) affecting SonicWall’s SonicOS SSL VPN application. This high-risk security flaw enables attackers to bypass authentication and hijack active VPN sessions.
Vulnerability Impact and Exploitation
– Affects multiple versions of SonicOS (7.1.x, 7.1.2-7019, and 8.0.0-8035)
– Impacts Gen 6, Gen 7, and SOHO series firewalls
– Approximately 4,500 exposed servers remain unpatched
– Enables unauthorized network access through session hijacking
Technical Details
The exploit works by:
1. Sending crafted session cookies with base64-encoded null bytes
2. Targeting the SSL VPN authentication endpoint (‘/cgi-bin/sslvpnclient’)
3. Exploiting incorrect session validation
4. Gaining access to:
   – VPN client configurations
   – Virtual Office bookmarks
   – Internal network resources
   – Private network access
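A defender-side check for the request pattern in steps 1 and 2, as an added example (not code from Bishop Fox or SonicWall): it scans request records for cookies sent to the SSL VPN endpoint whose value base64-decodes to nothing but null bytes. The record layout, the cookie name `session`, the sample addresses and the 4-byte threshold are assumptions constructed for illustration.

```python
import base64
import binascii
from urllib.parse import quote, unquote, urlsplit

ENDPOINT = "/cgi-bin/sslvpnclient"  # path named in the write-up
MIN_NULL_BYTES = 4                  # assumed threshold to ignore tiny values

def decodes_to_nulls(value):
    """True if value is valid base64 whose decoded bytes are all 0x00."""
    value = unquote(value.strip())            # cookies may arrive percent-encoded
    padded = value + "=" * (-len(value) % 4)  # tolerate stripped padding
    try:
        raw = base64.b64decode(padded, validate=True)
    except (binascii.Error, ValueError):
        return False                          # not base64 at all
    return len(raw) >= MIN_NULL_BYTES and raw.count(0) == len(raw)

def suspicious_cookies(cookie_header):
    """Names of cookies in a raw Cookie header that decode to null bytes."""
    hits = []
    for part in cookie_header.split(";"):
        # Split on the first "=" only: base64 padding also uses "=".
        name, sep, value = part.strip().partition("=")
        if sep and decodes_to_nulls(value):
            hits.append(name)
    return hits

def flag_requests(records):
    """Return (source, cookie names) for matching requests to ENDPOINT."""
    findings = []
    for src, target, cookie_header in records:
        if urlsplit(target).path != ENDPOINT:
            continue
        names = suspicious_cookies(cookie_header)
        if names:
            findings.append((src, names))
    return findings

# Constructed sample records: (source IP, request target, Cookie header).
NULLS = base64.b64encode(b"\x00" * 16).decode()
NORMAL = base64.b64encode(b"user-token-1").decode()
SAMPLE = [
    ("203.0.113.10", "/cgi-bin/sslvpnclient", "session=" + NORMAL),
    ("198.51.100.7", "/cgi-bin/sslvpnclient", "session=" + NULLS),
    ("198.51.100.7", "/cgi-bin/sslvpnclient?x=1", "lang=en; session=" + quote(NULLS)),
    ("203.0.113.11", "/index.html", "session=" + NULLS),
]

if __name__ == "__main__":
    for src, names in flag_requests(SAMPLE):
        print(f"ALERT {src}: null-byte cookie(s) {names} sent to {ENDPOINT}")
```

A hit is a lead to correlate with VPN session logs for the same source address and time window, not proof of compromise on its own.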
Available Security Updates
Patched versions include:
– SonicOS 8.0.0-8037 and later
– 7.0.1-5165 and higher
– 7.1.3-7015 and higher
– 6.5.5.1-6n and higher
Given the public availability of the exploit code, immediate patching is crucial for all affected systems to prevent unauthorized access and potential network breaches.