Vulnerabilities > Sonicwall > Global Management System > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-31 | CVE-2019-7478 | SQL Injection vulnerability in Sonicwall Global Management System A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. | 9.8 |
| 2018-08-03 | CVE-2018-9866 | Improper Input Validation vulnerability in Sonicwall Global Management System A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. | 9.8 |
| 2016-02-17 | CVE-2016-2396 | Command Injection vulnerability in Sonicwall products The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. | 9.9 |
| 2016-02-17 | CVE-2016-2397 | Command Injection vulnerability in Sonicwall products The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. | 9.8 |