Vulnerabilities > Sonicwall > Global Management System > 8.4

DATE CVE VULNERABILITY TITLE RISK
2023-07-13 CVE-2023-34125 Path Traversal vulnerability in Sonicwall Analytics and Global Management System
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges.
network
low complexity
sonicwall CWE-22
6.5
6.5
2023-07-13 CVE-2023-34126 Unrestricted Upload of File with Dangerous Type vulnerability in Sonicwall Analytics and Global Management System
Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges.
network
low complexity
sonicwall CWE-434
8.8
8.8
2023-07-13 CVE-2023-34127 OS Command Injection vulnerability in Sonicwall Analytics and Global Management System
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges.
network
low complexity
sonicwall CWE-78
8.8
8.8
2023-07-13 CVE-2023-34128 Insufficiently Protected Credentials vulnerability in Sonicwall Analytics and Global Management System
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file.
network
low complexity
sonicwall CWE-522
critical
 9.8
9.8
2022-10-13 CVE-2021-20030 Path Traversal vulnerability in Sonicwall Global Management System
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files.
network
low complexity
sonicwall CWE-22
7.5
7.5
2019-12-31 CVE-2019-7478 SQL Injection vulnerability in Sonicwall Global Management System
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module.
network
low complexity
sonicwall CWE-89
7.5
7.5
2019-04-26 CVE-2019-7476 Insecure Default Initialization of Resource vulnerability in Sonicwall Global Management System
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. 		6.8
6.8