📦

stormshield_network_security

Vendor: stormshield

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 4 Remote Access

Total CVEs 35 Total Indexed

Avg. EPSS 6.51% Exploit Prob.

Latest CVE CVE-2025-48707 Sep 25

Security Vulnerability Index

Page 4 / 4

7.5 CVSS

CVE-2020-7466

The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.

EPSS: 1.74%

Severity: HIGH

Oct 06, 2020

9.8 CVSS

CVE-2020-7465

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).

EPSS: 3.01%

Severity: CRITICAL

Oct 06, 2020

6.1 CVSS

CVE-2020-8430

Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string.

EPSS: 0.25%

Severity: MEDIUM

Apr 13, 2020

8.2 CVSS

CVE-2018-20850

Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server.

EPSS: 0.13%

Severity: HIGH

Jul 04, 2019

Displaying 4 of 35 Total Entries

1 2 3 4

Total 4 Sections