Vulnerabilities > Sonicwall > Netextender

DATE CVE VULNERABILITY TITLE RISK
2024-07-18 CVE-2024-29014 Unspecified vulnerability in Sonicwall Netextender
Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.
network
low complexity
sonicwall
8.8
2024-01-18 CVE-2023-6340 Out-of-bounds Write vulnerability in Sonicwall Capture Client and Netextender
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver.
local
low complexity
sonicwall CWE-787
5.5
2023-10-27 CVE-2023-44220 Uncontrolled Search Path Element vulnerability in Sonicwall Netextender
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component.
local
low complexity
sonicwall CWE-427
7.3
2023-10-03 CVE-2023-44217 Unspecified vulnerability in Sonicwall Netextender
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.
local
low complexity
sonicwall
7.8
2023-10-03 CVE-2023-44218 Unspecified vulnerability in Sonicwall Netextender
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.
local
low complexity
sonicwall
7.8
2022-05-13 CVE-2022-22281 Classic Buffer Overflow vulnerability in Sonicwall Netextender
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system.
local
low complexity
sonicwall CWE-120
7.8
2021-01-09 CVE-2020-5147 Unquoted Search Path or Element vulnerability in Sonicwall Netextender
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system.
local
low complexity
sonicwall CWE-428
5.3
2020-07-17 CVE-2020-5131 Improper Input Validation vulnerability in Sonicwall Netextender
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system.
local
low complexity
sonicwall CWE-20
7.8