CVE-2020-5147

MEDIUM

SonicWall NetExtender <10.2.300 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5147. PoCs published by shinnai.

AI-analyzed exploit summary This is a writeup detailing an unquoted service path vulnerability in SonicWall NetExtender Windows client version 10.2.0.300. The vulnerability allows local privilege escalation due to the service path not being enclosed in quotes, enabling an attacker to execute arbitrary code with elevated privileges.

Description

SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.

Exploits (1)

exploitdb WRITEUP
by shinnai · textlocalwindows
https://www.exploit-db.com/exploits/50212

This is a writeup detailing an unquoted service path vulnerability in SonicWall NetExtender Windows client version 10.2.0.300. The vulnerability allows local privilege escalation due to the service path not being enclosed in quotes, enabling an attacker to execute arbitrary code with elevated privileges.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: SonicWall NetExtender Windows client 10.2.0.300
Auth required
Prerequisites: Local access to the target system · Ability to place an executable in the vulnerable path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References

Scores

CVSS v3 5.3
EPSS 0.0166
EPSS Percentile 73.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-428
Status published
Products (1)
sonicwall/netextender < 10.2.300
Published Jan 09, 2021
Tracked Since Feb 18, 2026