Netextender

netextender

Vendor: Sonicwall • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-29014 1Sonicwall 1Netextender Nov 21, 2024 Jul 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.
CVE-2023-6340 1Sonicwall 2Capture Client Netextender Jun 11, 2025 Jan 18, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by...Show more SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.Show less
CVE-2023-44220 1Sonicwall 1Netextender Nov 21, 2024 Oct 27, 2023 N/A· v4 7.3 HIGH· v3 N/A· v2 SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could res...Show more SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.Show less
CVE-2023-44218 1Sonicwall 1Netextender Nov 21, 2024 Oct 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vu...Show more A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability. Show less
CVE-2023-44217 1Sonicwall 1Netextender Nov 21, 2024 Oct 3, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality...Show more A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality. Show less
CVE-2022-22281 1Sonicwall 1Netextender Nov 21, 2024 May 13, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating...Show more A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system.Show less
CVE-2020-5147 1Sonicwall 1Netextender Nov 21, 2024 Jan 9, 2021 N/A· v4 5.3 MEDIUM· v3 4.6 MEDIUM· v2 SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtend...Show more SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.Show less
CVE-2020-5131 1Sonicwall 1Netextender Nov 21, 2024 Jul 17, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability imp...Show more SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier.Show less
CVE-2015-4173 1Sonicwall 1Netextender May 6, 2026 Aug 26, 2015 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows l...Show more Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.Show less