Vulnerabilities > Sonicwall

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-31	CVE-2019-7479	Improper Privilege Management vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. network low complexity sonicwall CWE-269	7.2
2019-12-31	CVE-2019-7478	SQL Injection vulnerability in Sonicwall Global Management System A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. network low complexity sonicwall CWE-89 critical	9.8
2019-12-23	CVE-2019-7489	Unspecified vulnerability in Sonicwall Email Security Appliance 10.0.2/7.4.5/7.5 A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. network low complexity sonicwall critical	9.8
2019-12-23	CVE-2019-7488	Weak Password Requirements vulnerability in Sonicwall Email Security Appliance 10.0.2/7.4.5/7.5 Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. network low complexity sonicwall CWE-521 critical	9.8
2019-12-19	CVE-2019-7487	Unquoted Search Path or Element vulnerability in Sonicwall Sonicos Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. local low complexity sonicwall CWE-428	7.8
2019-12-19	CVE-2019-7486	Code Injection vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3/9.0.0.4 Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. network low complexity sonicwall CWE-94	8.8
2019-12-19	CVE-2019-7485	Classic Buffer Overflow vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3 Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. network low complexity sonicwall CWE-120	8.8
2019-12-19	CVE-2019-7484	SQL Injection vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3 Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. network low complexity sonicwall CWE-89	6.5
2019-12-19	CVE-2019-7483	Path Traversal vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3 In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. network low complexity sonicwall CWE-22	7.5
2019-12-19	CVE-2019-7482	Out-of-bounds Write vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3 Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. network low complexity sonicwall CWE-787 critical	9.8

Vulnerabilities > Sonicwall {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sonicwall"}]}

Vulnerabilities > Sonicwall