Vulnerabilities > Sonicwall > Sonicos > 7.0.1.5119

DATE CVE VULNERABILITY TITLE RISK
2023-10-17 CVE-2023-41713 Use of Hard-coded Credentials vulnerability in Sonicwall Sonicos
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
network
low complexity
sonicwall CWE-798
7.5
2023-10-17 CVE-2023-41715 Improper Privilege Management vulnerability in Sonicwall Sonicos
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
network
low complexity
sonicwall CWE-269
8.8
2022-04-27 CVE-2022-22275 Unspecified vulnerability in Sonicwall Sonicos
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
network
low complexity
sonicwall
7.5
2022-03-25 CVE-2022-22274 Out-of-bounds Write vulnerability in Sonicwall Sonicos
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
network
low complexity
sonicwall CWE-787
critical
9.8
2022-01-10 CVE-2021-20046 Out-of-bounds Write vulnerability in Sonicwall Sonicos
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall.
network
low complexity
sonicwall CWE-787
8.8
2022-01-10 CVE-2021-20048 Out-of-bounds Write vulnerability in Sonicwall Sonicos
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall.
network
low complexity
sonicwall CWE-787
8.8
2021-10-12 CVE-2021-20031 Open Redirect vulnerability in Sonicwall Sonicos
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
network
low complexity
sonicwall CWE-601
6.1
2021-06-23 CVE-2021-20019 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sonicwall Sonicos and Sonicosv
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
network
low complexity
sonicwall CWE-119
7.5
2021-06-14 CVE-2021-20027 Classic Buffer Overflow vulnerability in Sonicwall Sonicos
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request.
network
low complexity
sonicwall CWE-120
7.5
2021-03-25 CVE-2021-3450 Improper Certificate Validation vulnerability in multiple products
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
7.4