Vulnerabilities > Sonicwall
|2021-07-09||CVE-2021-20024|| Out-Of-Bounds Read vulnerability in Sonicwall Switch |
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations.
| 6.8 |
|2021-06-23||CVE-2021-20019|| Information Exposure vulnerability in Sonicwall Sonicos and Sonicosv |
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
| 5.0 |
|2021-06-14||CVE-2021-20027|| Classic Buffer Overflow vulnerability in Sonicwall Sonicos |
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request.
| 5.0 |
|2021-05-27||CVE-2021-20026|| OS Command Injection vulnerability in Sonicwall Network Security Manager 2.2.0 |
A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS command injection using a crafted HTTP request.
| 9.0 |
|2021-05-13||CVE-2021-20025|| USE of Hard-Coded Credentials vulnerability in Sonicwall Email Security Virtual Appliance |
SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup.
| 6.9 |
|2021-04-20||CVE-2021-20023|| Path Traversal vulnerability in Sonicwall Email Security |
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
| 4.0 |
|2021-04-10||CVE-2021-20020|| Improper Authentication vulnerability in Sonicwall Global Management System 9.3 |
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
| 10.0 |
|2021-04-09||CVE-2021-20022|| Unrestricted Upload of File With Dangerous Type vulnerability in Sonicwall Email Security and Hosted Email Security |
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
| 6.5 |
|2021-04-09||CVE-2021-20021|| Improper Privilege Management vulnerability in Sonicwall Email Security and Hosted Email Security |
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
| 7.5 |
|2021-03-13||CVE-2021-20018|| Improper Authentication vulnerability in Sonicwall Sma100 Firmware 10.2.0.220Sv |
A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address.
| 4.0 |