Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / sonicwall

sonicwall

250 tracked vulnerabilities.

CVE-2021-20026 HIGH

SonicWall Network Security Manager < 2.2.0-R10 - Authenticated OS Command Injection

CVE-2021-20025 HIGH

SonicWall Email Security Virtual Appliance < 10.0.9 - Use of Hard-coded Credentials

CVE-2021-20023 MEDIUM KEV

SonicWall Email Security < 10.0.9.6173 - Authenticated Arbitrary File Read via Path Traversal

CVE-2021-20020 CRITICAL

SonicWall GMS 9.3 - Unauthenticated Command Execution

CVE-2021-20022 HIGH KEV

SonicWall Email Security < 10.0.9.6103 - Authenticated Arbitrary File Upload

CVE-2021-20021 CRITICAL KEVNUCLEI

SonicWall Email Security < 10.0.9.6103 - Unauthenticated Administrative Account Creation via Crafted HTTP Request

CVE-2021-3450 HIGH

OpenSSL 1.1.1h-1.1.1j - Certificate Chain Validation Bypass via X509_V_FLAG_X509_STRICT

CVE-2021-3449 MEDIUM

Openssl < 1.1.1k - NULL Pointer Dereference

CVE-2021-20018 MEDIUM

SonicWall SMA100 < 10.2.0.5 - Authenticated Configuration Export to Arbitrary Email

CVE-2021-20017 HIGH

SonicWall SMA100 < 10.2.0.5 - Authenticated OS Command Injection

CVE-2021-20016 CRITICAL KEV

SonicWall SMA100 Firmware 10.0.0.0-10.2.0.5-d-29sv - Unauthenticated SQL Injection

CVE-2020-5148 HIGH

SonicWall Directory Services Connector < 4.1.19 - Unauthenticated Password Hash Capture

CVE-2020-5147 MEDIUM

SonicWall NetExtender <10.2.300 - Privilege Escalation

CVE-2020-5146 HIGH

SonicWall SMA100 Firmware < 10.2.0.2-20sv - Authenticated OS Command Injection via HTTP POST Parameters

CVE-2020-5145 HIGH

SonicWall Global VPN Client < 4.10.4.0314 - Remote Code Execution via DLL Hijacking

CVE-2020-5144 HIGH

SonicWall Global VPN Client < 4.10.4.0314 - Privilege Escalation via Process Hijacking

CVE-2020-5143 MEDIUM

SonicOS - Unauthenticated Administrator Username Enumeration via SSLVPN Login Page

CVE-2020-5142 MEDIUM

SonicOS < 5.9.1.13, < 6.5.4.4 - Unauthenticated Stored Cross-Site Scripting in SSLVPN Web Interface

CVE-2020-5141 MEDIUM

SonicOS < 5.9.1.13, < 6.5.4.4 - Unauthenticated Brute Force via Virtual Assist Ticket ID

CVE-2020-5140 HIGH

SonicOS < 5.9.1.13 and < 6.5.4.4 - Unauthenticated Denial of Service via Malicious HTTP Request

CVE-2020-5139 HIGH

SonicOS < 5.9.1.13 and < 6.5.4.4 - Unauthenticated Denial of Service via SSLVPN Invalid Pointer Release

CVE-2020-5138 HIGH

SonicOS < 5.9.1.13 and < 6.5.4.4 - Unauthenticated Denial of Service via SSLVPN Heap Overflow

CVE-2020-5137 HIGH

SonicOS < 5.9.1.13 and 6.5.4.4 - Unauthenticated Denial of Service via SSLVPN Buffer Overflow

CVE-2020-5136 MEDIUM

SonicOS < 5.9.1.13, < 6.5.4.4 - Authenticated Denial of Service via SSL-VPN Buffer Overflow

CVE-2020-5135 CRITICAL KEV

SonicOS < 6.0.5.3 and SonicOSv < 6.5.4.4 - Remote Code Execution via Malicious Request

Previous Page 7 of 10 Next

Products

sonicos 68 sma_210_firmware 35 sma_410_firmware 35 global_management_system 32 sma_500v_firmware 32 sma_200_firmware 27 sma_400_firmware 27 sonicosv 19 analytics 17 SonicOS 14 sma_100_firmware 13 email_security 12 analyzer 10 netextender 9 scrutinizer 7 SMA1000 6 global_vpn_client 6 sma6200_firmware 6 sma6210_firmware 6 sma7200_firmware 6 sma7210_firmware 6 sma8200v 6 email_security_appliance_5000_firmware 5 email_security_appliance_5050_firmware 5 email_security_appliance_7000_firmware 5 email_security_appliance_7050_firmware 5 email_security_appliance_9000_firmware 5 sma1000_firmware 5 sma100_firmware 5 Email Security 4

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy