SonicWall

All CVEs

245 total · sorted by risk
  • CVE-2023-34125 · Jul 13, 2023
    risk 0.01 · cvss · epss 0.23

    Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

  • CVE-2021-20045 · Dec 8, 2021
    risk 0.01 · cvss · epss 0.25

    A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

  • CVE-2021-20044 · Dec 8, 2021
    risk 0.01 · cvss · epss 0.40

    A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

  • CVE-2021-20040 · Dec 8, 2021
    risk 0.01 · cvss · epss 0.26

    A relative path traversal vulnerability in the SMA100 upload function allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

  • CVE-2026-3439 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.

  • CVE-2026-0402 · Feb 24, 2026
    risk 0.00 · cvss · epss 0.00

    A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.

  • CVE-2026-0401 · Feb 24, 2026
    risk 0.00 · cvss · epss 0.00

    A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.

  • CVE-2026-0400 · Feb 24, 2026
    risk 0.00 · cvss · epss 0.00

    A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.

  • CVE-2026-0399 · Feb 24, 2026
    risk 0.00 · cvss · epss 0.00

    Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in an API endpoint.

  • CVE-2025-40601 · Nov 20, 2025
    risk 0.00 · cvss · epss 0.01

    A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.

  • CVE-2025-40605 · Nov 20, 2025
    risk 0.00 · cvss · epss 0.00

    A Path Traversal vulnerability has been identified in the Email Security appliance that allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may give access to files and directories outside the intended restricted path.

  • CVE-2025-40604 · Nov 20, 2025
    risk 0.00 · cvss · epss 0.00

    Download of Code Without Integrity Check vulnerability: the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.

  • CVE-2025-40603 · Oct 31, 2025
    risk 0.00 · cvss · epss 0.00

    A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions, to view partial user credential data.

  • CVE-2025-40600 · Jul 29, 2025
    risk 0.00 · cvss · epss 0.01

    Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

  • CVE-2025-40598 · Jul 23, 2025
    risk 0.00 · cvss · epss 0.53

    A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.

  • CVE-2025-40597 · Jul 23, 2025
    risk 0.00 · cvss · epss 0.28

    A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows a remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially achieve code execution.

  • CVE-2025-40596 · Jul 23, 2025
    risk 0.00 · cvss · epss 0.56

    A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows a remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially achieve code execution.

  • CVE-2025-40599 · Jul 23, 2025
    risk 0.00 · cvss · epss 0.12

    An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.

  • CVE-2025-32821 · May 7, 2025
    risk 0.00 · cvss · epss 0.29

    A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges to inject shell command arguments to upload a file on the appliance.

  • CVE-2025-32820 · May 7, 2025
    risk 0.00 · cvss · epss 0.03

    A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to inject a path traversal sequence to make any directory on the SMA appliance writable.

  • CVE-2025-32819 · May 7, 2025
    risk 0.00 · cvss · epss 0.07

    A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

  • CVE-2025-2170 · Apr 30, 2025
    risk 0.00 · cvss · epss 0.00

    A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.

  • CVE-2024-53702 · Dec 5, 2024
    risk 0.00 · cvss · epss 0.00

    Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.

  • CVE-2024-45319 · Dec 5, 2024
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker to circumvent the certificate requirement during authentication.

  • CVE-2024-45318 · Dec 5, 2024
    risk 0.00 · cvss · epss 0.01

    A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

  • CVE-2024-2166 · Sep 4, 2024
    risk 0.00 · cvss · epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS. This issue affects Email Security: before 8.5.5 HF003.

  • CVE-2024-29014 · Jul 18, 2024
    risk 0.00 · cvss · epss 0.02

    Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to achieve arbitrary code execution when processing an EPC Client update.

  • CVE-2024-29013 · Jun 20, 2024
    risk 0.00 · cvss · epss 0.01

    Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.

  • CVE-2024-29012 · Jun 20, 2024
    risk 0.00 · cvss · epss 0.01

    Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.

  • CVE-2024-22395 · Feb 23, 2024
    risk 0.00 · cvss · epss 0.00

    Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application.

  • CVE-2024-22394 · Feb 8, 2024
    risk 0.00 · cvss · epss 0.01

    An improper authentication vulnerability has been identified in the SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040.

  • CVE-2023-6340 · Jan 17, 2024
    risk 0.00 · cvss · epss 0.00

    SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.

  • CVE-2023-5970 · Dec 5, 2023
    risk 0.00 · cvss · epss 0.01

    Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.

  • CVE-2023-44220 · Oct 27, 2023
    risk 0.00 · cvss · epss 0.00

    SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.

  • CVE-2023-44219 · Oct 27, 2023
    risk 0.00 · cvss · epss 0.00

    A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.

  • CVE-2023-41715 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.

  • CVE-2023-41713 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.

  • CVE-2023-41712 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.

  • CVE-2023-41711 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the sonicwall.exp and prefs.exp URL endpoints leads to a firewall crash.

  • CVE-2023-39280 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml and ssoStats-s.wri URL endpoints leads to a firewall crash.

  • CVE-2023-39279 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.

  • CVE-2023-39278 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication user assertion failure leads to a Stack-Based Buffer Overflow vulnerability via main.cgi, which leads to a firewall crash.

  • CVE-2023-39277 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

  • CVE-2023-39276 · Oct 17, 2023
    risk 0.00 · cvss · epss 0.01

    SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.

  • CVE-2023-41263 · Oct 12, 2023
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related…

  • CVE-2023-41262 · Oct 12, 2023
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context…

  • CVE-2023-41261 · Oct 12, 2023
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results.

  • CVE-2023-44218 · Oct 3, 2023
    risk 0.00 · cvss · epss 0.00

    A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.

  • CVE-2023-44217 · Oct 3, 2023
    risk 0.00 · cvss · epss 0.00

    A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.

  • CVE-2023-34137 · Jul 13, 2023
    risk 0.00 · cvss · epss 0.01

    SonicWall GMS and Analytics CAS Web Services application uses static values for authentication without proper checks, leading to an authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.