Security News > 2021 > December > SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system.
CVE-2021-20039 - SMA 100 Series authenticated command injection vulnerability as root.
CVE-2021-20040 - SMA 100 Series unauthenticated file upload path traversal vulnerability.
CVE-2021-20043 - SMA 100 Series "GetBookmarks" heap-based buffer overflow vulnerability.
CVE-2021-20044 - SMA 100 Series post-authentication remote code execution vulnerability.
CVE-2021-20045 - SMA 100 Series unauthenticated file explorer heap-based and stack-based buffer overflow vulnerabilities.
News URL
https://thehackernews.com/2021/12/sonicwall-urges-customers-to.html
Related news
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Over 25,000 SonicWall VPN Firewalls exposed to critical flaws (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-08 | CVE-2021-20045 | Classic Buffer Overflow vulnerability in Sonicwall products A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. | 9.8 |
2021-12-08 | CVE-2021-20044 | OS Command Injection vulnerability in Sonicwall products A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. | 8.8 |
2021-12-08 | CVE-2021-20043 | Out-of-bounds Write vulnerability in Sonicwall products A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. | 8.8 |
2021-12-08 | CVE-2021-20040 | Path Traversal vulnerability in Sonicwall products A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. | 7.5 |
2021-12-08 | CVE-2021-20039 | OS Command Injection vulnerability in Sonicwall products Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. | 8.8 |