SonicWall has released a security advisory to address an unauthenticated SQL injection vulnerability in SonicWall Analytics and GMS products. A remote unauthenticated attacker could exploit the vulnerability by sending specially crafted requests to an affected system.
Successful exploitation of the vulnerability could lead to data tampering, information disclosure, security restriction bypass or compromise of an affected system.
Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.