Vulnerabilities > Sonicwall > SMA 100 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-02-04 CVE-2021-20016 SQL Injection vulnerability in Sonicwall products
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.
network
low complexity
sonicwall CWE-89
critical
 9.8
9.8
2019-12-19 CVE-2019-7482 Out-of-bounds Write vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3
Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so.
network
low complexity
sonicwall CWE-787
critical
 9.8
9.8