Vulnerabilities > Sonicwall > Sma1000 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-19 CVE-2023-0126 Path Traversal vulnerability in Sonicwall Sma1000 Firmware 12.4.2
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.
network
low complexity
sonicwall CWE-22
7.5
2022-03-10 CVE-2022-0847 Improper Initialization vulnerability in multiple products
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.
7.8
2021-07-20 CVE-2021-33909 Integer Overflow or Wraparound vulnerability in multiple products
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
7.8
2020-03-26 CVE-2020-5129 HTTP Request Smuggling vulnerability in Sonicwall Sma1000 Firmware 12.1.006411
A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service.
network
low complexity
sonicwall CWE-444
7.5