Security News > 2021 > December > SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws

SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
2021-12-08 21:18

Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system.

CVE-2021-20039 - SMA 100 Series authenticated command injection vulnerability as root.

CVE-2021-20040 - SMA 100 Series unauthenticated file upload path traversal vulnerability.

CVE-2021-20043 - SMA 100 Series "GetBookmarks" heap-based buffer overflow vulnerability.

CVE-2021-20044 - SMA 100 Series post-authentication remote code execution vulnerability.

CVE-2021-20045 - SMA 100 Series unauthenticated file explorer heap-based and stack-based buffer overflow vulnerabilities.


News URL

https://thehackernews.com/2021/12/sonicwall-urges-customers-to.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-12-08 CVE-2021-20045 Classic Buffer Overflow vulnerability in Sonicwall products
A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance.
network
low complexity
sonicwall CWE-120
critical
9.8
2021-12-08 CVE-2021-20044 OS Command Injection vulnerability in Sonicwall products
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance.
network
low complexity
sonicwall CWE-78
8.8
2021-12-08 CVE-2021-20043 Out-of-bounds Write vulnerability in Sonicwall products
A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance.
network
low complexity
sonicwall CWE-787
8.8
2021-12-08 CVE-2021-20040 Path Traversal vulnerability in Sonicwall products
A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user.
network
low complexity
sonicwall CWE-22
7.5
2021-12-08 CVE-2021-20039 OS Command Injection vulnerability in Sonicwall products
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user.
network
low complexity
sonicwall CWE-78
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 113 0 41 74 38 153
SMA 42 0 0 8 8 16