CVE-2020-5142

MEDIUM

SonicOS < 5.9.1.13, < 6.5.4.4 - Unauthenticated Stored Cross-Site Scripting in SSLVPN Web Interface

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5142. PoCs published by hackerlawyer.

AI-analyzed exploit summary: The repository contains only a vague README with no technical details or exploit code, merely stating an XSS vulnerability without proof or analysis. It lacks any functional PoC, patch analysis, or HTTP request examples.

Description

A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store, and potentially execute, arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 versions 5.9.1.7 and 5.9.1.13; Gen 6 versions 6.5.4.7, 6.5.1.12 and 6.0.5.3; SonicOSv 6.5.4.v; and Gen 7 version SonicOS 7.0.0.0.

Exploits (1)

nomisec · SUSPICIOUS
by hackerlawyer · poc
https://github.com/hackerlawyer/CVE-2020-5142-POC-MB

Classification: Suspicious (90%)
Attack Type: XSS
Complexity: Theoretical
Reliability: Theoretical
Target: SonicOS 7.0 SonicWall NSA device
Authentication: No auth needed
Prerequisites: Access to a vulnerable SonicOS 7.0 SonicWall NSA device
MITRE ATT&CK: none listed
Analyzed by devstral-2 on Feb 18, 2026

References (1)

Scores

CVSS v3: 6.1
EPSS: 0.0106
EPSS Percentile: 60.5%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE: CWE-79
Status: published
Products (3):
- sonicwall/sonicos 7.0.0.0
- sonicwall/sonicos < 5.9.1.13
- sonicwall/sonicosv < 6.5.4.4
Published: Oct 12, 2020
Tracked Since: Feb 18, 2026