CVE-2021-20031

MEDIUM NUCLEI

Sonicwall Sonicos < 7.0.1-r1262 - Open Redirect

Title source: rule

Description

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.

Exploits (1)

exploitdb WORKING POC

by Ramikan · textwebappshardware

https://www.exploit-db.com/exploits/50414

View Code ZIP pw:eip

Nuclei Templates (1)

SonicWall SonicOS 7.0 - Open Redirect

MEDIUMby gy741

References (2)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019

Scores

CVSS v3 6.1

EPSS 0.3622

EPSS Percentile 97.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (1)

sonicwall/sonicos < 7.0.1-r1262

Published Oct 12, 2021

Tracked Since Feb 18, 2026