Vulnerabilities > Sonicwall

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-20024 Out-Of-Bounds Read vulnerability in Sonicwall Switch
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations.
low complexity
sonicwall CWE-125
6.8
2021-06-23 CVE-2021-20019 Information Exposure vulnerability in Sonicwall Sonicos and Sonicosv
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
network
low complexity
sonicwall CWE-200
5.0
2021-06-14 CVE-2021-20027 Classic Buffer Overflow vulnerability in Sonicwall Sonicos
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request.
network
low complexity
sonicwall CWE-120
5.0
2021-05-27 CVE-2021-20026 OS Command Injection vulnerability in Sonicwall Network Security Manager 2.2.0
A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS command injection using a crafted HTTP request.
network
low complexity
sonicwall CWE-78
critical
9.0
2021-05-13 CVE-2021-20025 USE of Hard-Coded Credentials vulnerability in Sonicwall Email Security Virtual Appliance
SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup.
6.9
2021-04-20 CVE-2021-20023 Path Traversal vulnerability in Sonicwall Email Security
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
network
low complexity
sonicwall CWE-22
4.0
2021-04-10 CVE-2021-20020 Improper Authentication vulnerability in Sonicwall Global Management System 9.3
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
network
low complexity
sonicwall CWE-287
critical
10.0
2021-04-09 CVE-2021-20022 Unrestricted Upload of File With Dangerous Type vulnerability in Sonicwall Email Security and Hosted Email Security
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
network
low complexity
sonicwall CWE-434
6.5
2021-04-09 CVE-2021-20021 Improper Privilege Management vulnerability in Sonicwall Email Security and Hosted Email Security
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
network
low complexity
sonicwall CWE-269
7.5
2021-03-13 CVE-2021-20018 Improper Authentication vulnerability in Sonicwall Sma100 Firmware 10.2.0.220Sv
A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address.
network
low complexity
sonicwall CWE-287
4.0