5.3
CVSS
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
Severity: MEDIUM
📦
nssp_13700
Vendor: sonicwall
Actively Exploited
2
CISA KEV List
PoC / Exploits
4
Code Available
Total RCEs
6
Remote Access
Total CVEs
37
Total Indexed
Avg. EPSS
8.66%
Exploit Prob.
Security Vulnerability Index
Page 3 / 4
7.5
CVSS
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
Severity: HIGH
9.8
CVSS
CVE-2022-22274
Exploit Found
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
Severity: CRITICAL
8.8
CVSS
CVE-2021-20048
RCE
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
Severity: HIGH
8.8
CVSS
CVE-2021-20046
RCE
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
Severity: HIGH
6.1
CVSS
CVE-2021-20031
Exploit Found
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
Severity: MEDIUM
7.5
CVSS
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
Severity: HIGH