📦

tz270w

Vendor: sonicwall

Login to add this product to WatchStack
Actively Exploited 2 CISA KEV List
PoC / Exploits 5 Code Available
Total RCEs 13 Remote Access
Total CVEs 44 Total Indexed
Avg. EPSS 7.35% Exploit Prob.
Latest CVE CVE-2026-0206 Apr 29

Security Vulnerability Index

Page 3 / 5
6.5 CVSS
CVE-2023-39280
RCE

SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.

EPSS: 0.48%
6.5 CVSS
CVE-2023-39279
RCE

SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.

EPSS: 0.48%
6.5 CVSS
CVE-2023-39278
RCE

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.

EPSS: 0.48%
6.5 CVSS
CVE-2023-39277
RCE

SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

EPSS: 0.48%
6.5 CVSS
CVE-2023-39276
RCE

SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.

EPSS: 0.63%
7.5 CVSS
CVE-2022-47522
Exploit Found

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.

EPSS: 12.59%
8.8 CVSS
CVE-2023-1101

SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

EPSS: 0.35%
7.5 CVSS
CVE-2023-0656
RCE Exploit Found

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.

EPSS: 31.49%
7.5 CVSS
CVE-2022-22275

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

EPSS: 0.26%
9.8 CVSS
CVE-2022-22274
Exploit Found

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

EPSS: 47.00%