VYPR

SonicOS SSLVPN portal

by SonicWall

CVEs (2)

  • CVE-2024-22397HigMar 14, 2024
    risk 0.54cvss 8.3epss 0.01

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.

  • CVE-2023-1101Mar 2, 2023
    risk 0.00cvss epss 0.01

    SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.