Vulnerabilities > CVE-2022-22274 - Out-of-bounds Write vulnerability in Sonicwall Sonicos

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sonicwall

CWE-787

NVD

Published: 2022-03-25

Updated: 2022-03-31

Summary

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

Vulnerable Configurations

Part	Description	Count
OS	Sonicwall Sonicwall Sonicos - Sonicwall Sonicos 5.0.0.0 Sonicwall Sonicos 5.0.0.6 Sonicwall Sonicos 5.0.0.8 Sonicwall Sonicos 5.0.0.13 Sonicwall Sonicos 5.8.0.0 Sonicwall Sonicos 5.8.0.2 Sonicwall Sonicos 5.8.1.5 Sonicwall Sonicos 5.8.1.10 Sonicwall Sonicos 5.9.0.0 Sonicwall Sonicos 5.9.0.7 Sonicwall Sonicos 5.9.1.0 Sonicwall Sonicos 5.9.1.10 Sonicwall Sonicos 5.9.1.12 Sonicwall Sonicos 5.9.1.12-4O Sonicwall Sonicos 5.9.1.13 Sonicwall Sonicos 6.0.0.0 Sonicwall Sonicos 6.0.5.3 Sonicwall Sonicos 6.1.2.0 Sonicwall Sonicos 6.2.0.0 Sonicwall Sonicos 6.2.0.1 Sonicwall Sonicos 6.2.1.0 Sonicwall Sonicos 6.2.2.0 Sonicwall Sonicos 6.2.3.1 Sonicwall Sonicos 6.2.4.0 Sonicwall Sonicos 6.2.4.3 Sonicwall Sonicos 6.2.5.0 Sonicwall Sonicos 6.2.5.3 Sonicwall Sonicos 6.2.6.0 Sonicwall Sonicos 6.2.6.1 Sonicwall Sonicos 6.2.7.0 Sonicwall Sonicos 6.2.7.1 Sonicwall Sonicos 6.2.7.3 Sonicwall Sonicos 6.2.7.4 Sonicwall Sonicos 6.2.7.4-32N Sonicwall Sonicos 6.2.7.5 Sonicwall Sonicos 6.2.7.7 Sonicwall Sonicos 6.2.7.8 Sonicwall Sonicos 6.2.7.10-3N Sonicwall Sonicos 6.2.9.0 Sonicwall Sonicos 6.2.9.1 Sonicwall Sonicos 6.2.9.2 Sonicwall Sonicos 6.4.0.0 Sonicwall Sonicos 6.4.1.0-3N Sonicwall Sonicos 6.5.0.0 Sonicwall Sonicos 6.5.0.3 Sonicwall Sonicos 6.5.1.0 Sonicwall Sonicos 6.5.1.3 Sonicwall Sonicos 6.5.1.4 Sonicwall Sonicos 6.5.1.4-4N Sonicwall Sonicos 6.5.1.5 Sonicwall Sonicos 6.5.1.8 Sonicwall Sonicos 6.5.1.9-4N Sonicwall Sonicos 6.5.1.11 Sonicwall Sonicos 6.5.1.12-3N Sonicwall Sonicos 6.5.2.0 Sonicwall Sonicos 6.5.2.1 Sonicwall Sonicos 6.5.2.2 Sonicwall Sonicos 6.5.2.3 Sonicwall Sonicos 6.5.2.3-4N Sonicwall Sonicos 6.5.3.0 Sonicwall Sonicos 6.5.3.1 Sonicwall Sonicos 6.5.3.3 Sonicwall Sonicos 6.5.3.3-3N Sonicwall Sonicos 6.5.4.0 Sonicwall Sonicos 6.5.4.0. Sonicwall Sonicos 6.5.4.3 Sonicwall Sonicos 6.5.4.4 Sonicwall Sonicos 6.5.4.4-44N Sonicwall Sonicos 6.5.4.5 Sonicwall Sonicos 6.5.4.6-79N Sonicwall Sonicos 6.5.4.7 Sonicwall Sonicos 6.5.4.7-83N Sonicwall Sonicos 7.0.0.0 Sonicwall Sonicosv - Sonicwall Sonicosv 6.5.0.2-8V_Rc363 Sonicwall Sonicosv 6.5.0.2.8V Sonicwall Sonicosv 6.5.0.2.8V_Rc366 Sonicwall Sonicosv 6.5.0.2.8V_Rc367 Sonicwall Sonicosv 6.5.0.2.8V_Rc368 Sonicwall Sonicosv 6.5.4.4	85
Hardware	Sonicwall Sonicwall NSA 2700 - Sonicwall NSA 3700 - Sonicwall NSA 4700 - Sonicwall NSA 5700 - Sonicwall NSA 6700 - Sonicwall Nssp 10700 - Sonicwall Nssp 11700 - Sonicwall Nssp 13700 - Sonicwall NSV 270 - Sonicwall NSV 470 - Sonicwall NSV 870 - Sonicwall Tz270 - Sonicwall Tz270W - Sonicwall Tz370 - Sonicwall Tz370W - Sonicwall Tz470 - Sonicwall Tz470W - Sonicwall Tz570 - Sonicwall Tz570P - Sonicwall Tz570W - Sonicwall Tz670 - Sonicwall Nssp 15700 - Sonicwall NSV 10 - Sonicwall NSV 100 - Sonicwall NSV 1600 - Sonicwall NSV 200 - Sonicwall NSV 25 - Sonicwall NSV 300 - Sonicwall NSV 400 - Sonicwall NSV 50 - Sonicwall NSV 800 -	31

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Related news

References