Unrated severityNVD Advisory· Published Dec 8, 2021· Updated Sep 5, 2025
CVE-2021-20039
CVE-2021-20039
Description
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SonicWall/SonicWall SMA100v5Range: 9.0.0.11-31sv and earlier
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/165563/SonicWall-SMA-100-Series-Authenticated-Command-Injection.htmlmitrex_refsource_MISC
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.