VYPR
High severity8.8NVD Advisory· Published Mar 13, 2021· Updated Jun 17, 2026

CVE-2021-20017

CVE-2021-20017

Description

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.

Affected products

2
  • SonicWall/SMA100llm-fuzzy2 versions
    <=10.2.0.5+ 1 more
    • (no CPE)range: <=10.2.0.5
    • (no CPE)range: 10.2.0.5 and earlier

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.