CVE-2020-5131
HIGHSonicWall NetExtender < 9.0.815 - Arbitrary File Write and DLL Overwrite
Title source: llmDescription
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
13.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
sonicwall/netextender
< 9.0.815
Published
Jul 17, 2020
Tracked Since
Feb 18, 2026