Sonicwall

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-0655 1Sonicwall 1Email Security Mar 20, 2025 Feb 14, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
CVE-2023-0126 1Sonicwall 1Sma1000 Firmware Apr 3, 2025 Jan 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.
CVE-2021-20030 1Sonicwall 1Global Management System May 16, 2025 Oct 13, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files.
CVE-2022-2915 1Sonicwall 5Sma 200 Firmware Sma 210 FirmwareSma 400 Firmware+2 more Nov 21, 2024 Aug 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerabil...Show more A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.Show less
CVE-2022-2324 1Sonicwall 1Hosted Email Security Oct 31, 2025 Jul 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions
CVE-2022-22280 1Sonicwall 2Analytics Global Management System Nov 21, 2024 Jul 29, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.
CVE-2022-2323 1Sonicwall 7Sws12 10fpoe Firmware Sws12 8 FirmwareSws12 8poe Firmware+4 more Nov 21, 2024 Jul 29, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earl...Show more Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versionsShow less
CVE-2022-1703 1Sonicwall 3Sma 210 Firmware Sma 410 FirmwareSma 500v Firmware Nov 21, 2024 Jun 8, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vul...Show more Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack.Show less
CVE-2022-22282 1Sonicwall 5Sma 6200 Firmware Sma 6210 FirmwareSma 7200 Firmware+2 more Nov 21, 2024 May 13, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.
CVE-2022-22281 1Sonicwall 1Netextender Nov 21, 2024 May 13, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating...Show more A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system.Show less
CVE-2022-1702 1Sonicwall 5Sma 6200 Firmware Sma 6210 FirmwareSma 7200 Firmware+2 more Nov 21, 2024 May 13, 2022 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulner...Show more SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.Show less
CVE-2022-1701 1Sonicwall 5Sma 6200 Firmware Sma 6210 FirmwareSma 7200 Firmware+2 more Nov 21, 2024 May 13, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
CVE-2021-20051 1Sonicwall 1Global Vpn Client Nov 21, 2024 May 4, 2022 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker...Show more SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system.Show less
CVE-2022-22278 1Sonicwall 49Nsa 2650 Firmware Nsa 2700 FirmwareNsa 3650 Firmware+46 more Nov 21, 2024 Apr 27, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Deni...Show more A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attackShow less
CVE-2022-22277 1Sonicwall 49Nsa 2650 Firmware Nsa 2700 FirmwareNsa 3650 Firmware+46 more Nov 21, 2024 Apr 27, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.
CVE-2022-22276 1Sonicwall 49Nsa 2650 Firmware Nsa 2700 FirmwareNsa 3650 Firmware+46 more Nov 21, 2024 Apr 27, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
CVE-2022-22275 1Sonicwall 1Sonicos Nov 21, 2024 Apr 27, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulner...Show more Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.Show less
CVE-2022-22279 1Sonicwall 5Sma 210 Firmware Sma 410 FirmwareSma 500v Firmware+2 more Nov 21, 2024 Apr 13, 2022 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA applia...Show more A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versionsShow less
CVE-2022-22274 1Sonicwall 2Sonicos Sonicosv Nov 21, 2024 Mar 25, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
CVE-2022-22273 1Sonicwall 9Sma 200 Firmware Sma 210 FirmwareSma 400 Firmware+6 more Nov 21, 2024 Mar 17, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series pro...Show more Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versionsShow less

Previous 1...456...12 Next