anir0y

2 exploits Active since Dec 2021
CVE-2021-20038 NOMISEC CRITICAL WORKING POC
SonicWall SMA 100 Series Firmware <= 10.2.1.2-24sv - Unauthenticated Stack-based Buffer Overflow
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
CVSS 9.8
CVE-2024-53704 NOMISEC CRITICAL WORKING POC
SonicOS >=7.1.1-7040 <7.1.1-7058 - Unauthenticated Authentication Bypass via SSLVPN
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
CVSS 9.8