CVE-2019-7485

HIGH

SonicWall SMA100 <9.0.0.3 - RCE

Title source: llm

Description

Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.

References (1)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0020

Scores

CVSS v3 8.8

EPSS 0.0067

EPSS Percentile 70.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-120

Status published

Affected Products (1)

sonicwall/sma_100_firmware < 9.0.0.3

Timeline

Published Dec 19, 2019

Tracked Since Feb 18, 2026