← Back

Sonicwall

sonicwall

227 CVEs • 352 products

Products (352)

Click to collapse
Toggle
Sonicos
sonicos
68 CVEs
Sma 210 Firmware
sma_210_firmware
35 CVEs
Sma 410 Firmware
sma_410_firmware
35 CVEs
Global Management System
global_management_system
32 CVEs
Sma 500v Firmware
sma_500v_firmware
32 CVEs
Sma 200 Firmware
sma_200_firmware
27 CVEs
Sma 400 Firmware
sma_400_firmware
27 CVEs
Sonicosv
sonicosv
19 CVEs
Analytics
analytics
17 CVEs
Sma 100 Firmware
sma_100_firmware
13 CVEs
Email Security
email_security
12 CVEs
Analyzer
analyzer
10 CVEs
Netextender
netextender
9 CVEs
Scrutinizer
scrutinizer
7 CVEs
Global Vpn Client
global_vpn_client
6 CVEs
Sma8200v
sma8200v
6 CVEs
Sma6200 Firmware
sma6200_firmware
6 CVEs
Sma6210 Firmware
sma6210_firmware
6 CVEs
Sma7200 Firmware
sma7200_firmware
6 CVEs
Sma7210 Firmware
sma7210_firmware
6 CVEs
Sma1000 Firmware
sma1000_firmware
5 CVEs
Sma100 Firmware
sma100_firmware
5 CVEs
Email Security Appliance 9000 Firmware
email_security_appliance_9000_firmware
5 CVEs
Email Security Appliance 5000 Firmware
email_security_appliance_5000_firmware
5 CVEs
Email Security Appliance 7000 Firmware
email_security_appliance_7000_firmware
5 CVEs
Email Security Appliance 5050 Firmware
email_security_appliance_5050_firmware
5 CVEs
Email Security Appliance 7050 Firmware
email_security_appliance_7050_firmware
5 CVEs
Email Security Virtual Appliance
email_security_virtual_appliance
4 CVEs
Hosted Email Security
hosted_email_security
4 CVEs
Tz300p Firmware
tz300p_firmware
4 CVEs
Tz300w Firmware
tz300w_firmware
4 CVEs
Tz350 Firmware
tz350_firmware
4 CVEs
Tz350w Firmware
tz350w_firmware
4 CVEs
Tz370 Firmware
tz370_firmware
4 CVEs
Tz370w Firmware
tz370w_firmware
4 CVEs
Tz400 Firmware
tz400_firmware
4 CVEs
Tz400w Firmware
tz400w_firmware
4 CVEs
Tz470 Firmware
tz470_firmware
4 CVEs
Tz470w Firmware
tz470w_firmware
4 CVEs
Tz500 Firmware
tz500_firmware
4 CVEs
Tz500w Firmware
tz500w_firmware
4 CVEs
Tz570 Firmware
tz570_firmware
4 CVEs
Tz570p Firmware
tz570p_firmware
4 CVEs
Tz570w Firmware
tz570w_firmware
4 CVEs
Tz600 Firmware
tz600_firmware
4 CVEs
Tz600p Firmware
tz600p_firmware
4 CVEs
Tz670 Firmware
tz670_firmware
4 CVEs
Sma 6200 Firmware
sma_6200_firmware
4 CVEs
Sma 6210 Firmware
sma_6210_firmware
4 CVEs
Sma 7200 Firmware
sma_7200_firmware
4 CVEs
Sma 7210 Firmware
sma_7210_firmware
4 CVEs
Ssl Vpn
ssl_vpn
3 CVEs
Email Security Appliance
email_security_appliance
3 CVEs
Uma Em5000 Firmware
uma_em5000_firmware
3 CVEs
Sma 500v
sma_500v
3 CVEs
Capture Client
capture_client
3 CVEs
Email Security Appliance 3300 Firmware
email_security_appliance_3300_firmware
3 CVEs
Email Security Appliance 4300 Firmware
email_security_appliance_4300_firmware
3 CVEs
Email Security Appliance 8300 Firmware
email_security_appliance_8300_firmware
3 CVEs
Nssp 10700 Firmware
nssp_10700_firmware
3 CVEs
Nssp 11700 Firmware
nssp_11700_firmware
3 CVEs
Nssp 12400 Firmware
nssp_12400_firmware
3 CVEs
Nssp 12800 Firmware
nssp_12800_firmware
3 CVEs
Nssp 13700 Firmware
nssp_13700_firmware
3 CVEs
Nssp 15700 Firmware
nssp_15700_firmware
3 CVEs
Nsv 10 Firmware
nsv_10_firmware
3 CVEs
Nsv 100 Firmware
nsv_100_firmware
3 CVEs
Nsv 1600 Firmware
nsv_1600_firmware
3 CVEs
Nsv 200 Firmware
nsv_200_firmware
3 CVEs
Nsv 25 Firmware
nsv_25_firmware
3 CVEs
Nsv 270 Firmware
nsv_270_firmware
3 CVEs
Nsv 300 Firmware
nsv_300_firmware
3 CVEs
Nsv 400 Firmware
nsv_400_firmware
3 CVEs
Nsv 470 Firmware
nsv_470_firmware
3 CVEs
Nsv 50 Firmware
nsv_50_firmware
3 CVEs
Nsv 800 Firmware
nsv_800_firmware
3 CVEs
Nsv 870 Firmware
nsv_870_firmware
3 CVEs
Nsa 2650 Firmware
nsa_2650_firmware
3 CVEs
Nsa 2700 Firmware
nsa_2700_firmware
3 CVEs
Nsa 3650 Firmware
nsa_3650_firmware
3 CVEs
Nsa 3700 Firmware
nsa_3700_firmware
3 CVEs
Nsa 4650 Firmware
nsa_4650_firmware
3 CVEs
Nsa 4700 Firmware
nsa_4700_firmware
3 CVEs
Nsa 5650 Firmware
nsa_5650_firmware
3 CVEs
Nsa 5700 Firmware
nsa_5700_firmware
3 CVEs
Nsa 6650 Firmware
nsa_6650_firmware
3 CVEs
Nsa 6700 Firmware
nsa_6700_firmware
3 CVEs
Nsa 9250 Firmware
nsa_9250_firmware
3 CVEs
Nsa 9450 Firmware
nsa_9450_firmware
3 CVEs
Nsa 9650 Firmware
nsa_9650_firmware
3 CVEs
Sma 8000v Firmware
sma_8000v_firmware
3 CVEs
Soho Firewall
soho_firewall
2 CVEs
Soho Firmware
soho_firmware
2 CVEs
Uma Em5000
uma_em5000
2 CVEs
Web Application Firewall
web_application_firewall
2 CVEs
Universal Management Appliance
universal_management_appliance
2 CVEs
Viewpoint
viewpoint
2 CVEs
Directory Services Connector
directory_services_connector
2 CVEs
Network Security Manager
network_security_manager
2 CVEs
Sra 4600 Firmware
sra_4600_firmware
2 CVEs

CVEs (227)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-38475
3Apache
NetappSonicwall
7Http Server
Ontap 9Sma 200 Firmware+4 more
Nov 17, 2025
Jul 1, 2024
N/A· v4
9.1 CRITICAL· v3
N/A· v2
Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly...Show more
Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained.Show less
CVE-2024-6387
13Almalinux
AmazonApple+10 more
53500f Firmware
8300 Firmware8700 Firmware+50 more
May 12, 2026
Jul 1, 2024
N/A· v4
8.1 HIGH· v3
N/A· v2
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able t...Show more
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.Show less
CVE-2024-29013
1Sonicwall
1Sonicos
Mar 25, 2025
Jun 20, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
CVE-2024-29012
1Sonicwall
1Sonicos
Mar 25, 2025
Jun 20, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
CVE-2024-22395
1Sonicwall
5Sma 200 Firmware
Sma 210 FirmwareSma 400 Firmware+2 more
Dec 5, 2024
Feb 24, 2024
N/A· v4
6.3 MEDIUM· v3
N/A· v2
Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA...Show more
Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application.Show less
CVE-2024-22394
1Sonicwall
1Sonicos
Nov 21, 2024
Feb 8, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.  This issue affects only firmware v...Show more
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.  This issue affects only firmware version SonicOS 7.1.1-7040. Show less
CVE-2023-6340
1Sonicwall
2Capture Client
Netextender
Jun 11, 2025
Jan 18, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by...Show more
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.Show less
CVE-2023-5970
1Sonicwall
5Sma 200 Firmware
Sma 210 FirmwareSma 400 Firmware+2 more
Nov 21, 2024
Dec 5, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.
CVE-2023-44221
1Sonicwall
5Sma 200 Firmware
Sma 210 FirmwareSma 400 Firmware+2 more
Oct 31, 2025
Dec 5, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially lea...Show more
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.Show less
CVE-2023-44220
1Sonicwall
1Netextender
Nov 21, 2024
Oct 27, 2023
N/A· v4
7.3 HIGH· v3
N/A· v2
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could res...Show more
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.Show less
CVE-2023-44219
1Sonicwall
1Directory Services Connector
Nov 21, 2024
Oct 27, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recover...Show more
A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.Show less
CVE-2023-41715
1Sonicwall
1Sonicos
May 2, 2025
Oct 17, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
CVE-2023-41713
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
CVE-2023-41712
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
CVE-2023-41711
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
CVE-2023-39280
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
CVE-2023-39279
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
CVE-2023-39278
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
CVE-2023-39277
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
CVE-2023-39276
1Sonicwall
1Sonicos
Nov 21, 2024
Oct 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.