Vulnerabilities > Sonicwall > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-13 | CVE-2023-34135 | Path Traversal vulnerability in Sonicwall Analytics and Global Management System Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. | 6.5 |
2023-07-13 | CVE-2023-34125 | Path Traversal vulnerability in Sonicwall Analytics and Global Management System Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. | 6.5 |
2023-02-14 | CVE-2023-0655 | Information Exposure Through an Error Message vulnerability in Sonicwall Email Security 10.0.9 SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses. | 5.3 |
2022-05-13 | CVE-2022-1702 | Open Redirect vulnerability in Sonicwall products SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability. | 6.1 |
2022-05-04 | CVE-2021-20051 | Uncontrolled Search Path Element vulnerability in Sonicwall Global VPN Client 4.10.4.0314/4.10.6 SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. | 6.9 |
2022-04-27 | CVE-2022-22275 | Unspecified vulnerability in Sonicwall Sonicos 7.0.0.0/7.0.1.0 Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable. | 5.0 |
2022-04-27 | CVE-2022-22276 | Information Exposure vulnerability in Sonicwall products A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user. | 5.0 |
2022-04-27 | CVE-2022-22277 | Information Exposure vulnerability in Sonicwall products A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext. | 5.0 |
2022-04-27 | CVE-2022-22278 | Allocation of Resources Without Limits or Throttling vulnerability in Sonicwall products A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack | 5.0 |
2022-04-13 | CVE-2022-22279 | Path Traversal vulnerability in Sonicwall products A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions | 4.9 |