Sonicwall

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-20037 1Sonicwall 1Global Vpn Client Nov 21, 2024 Sep 21, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This...Show more SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.Show less
CVE-2021-20032 1Sonicwall 1Analytics Nov 21, 2024 Aug 10, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On...Show more SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier.Show less
CVE-2021-20028 1Sonicwall 6Sma 210 Firmware Sma 410 FirmwareSma 500v Firmware+3 more Oct 31, 2025 Aug 4, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earl...Show more Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlierShow less
CVE-2021-33909 6Debian FedoraprojectLinux+3 more 7Communications Session Border Controller Debian LinuxFedora+4 more Nov 21, 2024 Jul 20, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged use...Show more fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.Show less
CVE-2021-20024 1Sonicwall 1Switch Nov 21, 2024 Jul 9, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations.
CVE-2021-20019 1Sonicwall 2Sonicos Sonicosv Nov 21, 2024 Jun 23, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVE-2021-20027 1Sonicwall 1Sonicos Nov 21, 2024 Jun 14, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv v...Show more A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.Show less
CVE-2021-20026 1Sonicwall 1Network Security Manager Nov 21, 2024 May 27, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS command injection using a crafted HTTP request. This vulnerability affects NSM On-Prem 2.2.0-R10 and earlier versions.
CVE-2021-20025 1Sonicwall 1Email Security Virtual Appliance Nov 21, 2024 May 13, 2021 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account f...Show more SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.Show less
CVE-2021-20023 1Sonicwall 11Email Security Email Security Appliance 3300 FirmwareEmail Security Appliance 4300 Firmware+8 more Nov 12, 2025 Apr 20, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
CVE-2021-20020 1Sonicwall 1Global Management System Nov 21, 2024 Apr 10, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-20022 1Sonicwall 11Email Security Email Security Appliance 3300 FirmwareEmail Security Appliance 4300 Firmware+8 more Nov 10, 2025 Apr 9, 2021 N/A· v4 7.2 HIGH· v3 7.5 HIGH· v2 SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
CVE-2021-20021 1Sonicwall 11Email Security Email Security Appliance 3300 FirmwareEmail Security Appliance 4300 Firmware+8 more Nov 10, 2025 Apr 9, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
CVE-2021-3450 10Fedoraproject FreebsdMcafee+7 more 33Capture Client Cloud Volumes Ontap MediatorCommerce Guided Search+30 more Nov 21, 2024 Mar 25, 2021 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in t...Show more The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).Show less
CVE-2021-3449 12Checkpoint DebianFedoraproject+9 more 106Active Iq Unified Manager Capture ClientCloud Volumes Ontap Mediator+103 more Nov 21, 2024 Mar 25, 2021 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the...Show more An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).Show less
CVE-2021-20018 1Sonicwall 1Sma100 Firmware Nov 21, 2024 Mar 13, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.
CVE-2021-20017 1Sonicwall 1Sma100 Firmware Nov 21, 2024 Mar 13, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.
CVE-2020-5148 1Sonicwall 1Directory Services Connector Nov 21, 2024 Mar 5, 2021 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentiall...Show more SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls.Show less
CVE-2021-20016 1Sonicwall 6Sma 100 Firmware Sma 200 FirmwareSma 210 Firmware+3 more Oct 31, 2025 Feb 4, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability imp...Show more A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.Show less
CVE-2020-5147 1Sonicwall 1Netextender Nov 21, 2024 Jan 9, 2021 N/A· v4 5.3 MEDIUM· v3 4.6 MEDIUM· v2 SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtend...Show more SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.Show less

Previous 1...678...12 Next