CVE-2020-5129

HIGH

Sonicwall Sma1000 Firmware < 12.1.0-06411 - HTTP Request Smuggling

Title source: rule

Description

A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.

References (1)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0002

Scores

CVSS v3 7.5

EPSS 0.0051

EPSS Percentile 66.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-248 CWE-444

Status published

Affected Products (1)

sonicwall/sma1000_firmware < 12.1.0-06411

Timeline

Published Mar 26, 2020

Tracked Since Feb 18, 2026