A hacker has put up for sale an exploit targeting SonicWALL SSL-VPN systems, claiming it can provide unauthorized access to a wealth of sensitive information. Priced at $1000, the exploit allegedly allows the attacker to bypass two-factor authentication (2FA) and access records from the RADIUS base within SonicWALL.
The information available through this exploit announced includes user cookies, login credentials, passwords, domain information, and details related to Active Directory Rules. This level of access could potentially enable an attacker to compromise entire networks and obtain critical data.
As an additional incentive, the seller is offering bonus items with the purchase:
- Dorks for IP search
- A list of IP addresses
The hacker’s claims, if true, pose a significant threat to organizations using SonicWALL SSL-VPN systems.