CVE-2022-22274

CRITICAL EXPLOITED

SonicOS < 7.0.1-5050 and SonicOSv < 6.5.4.4-44v-21-1452 - Unauthenticated Stack-based Buffer Overflow via HTTP Request

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2022-22274 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 4 public exploits from researchers including BishopFox, 4lucardSec, forthisvideo.

AI-analyzed exploit summary This repository contains a proof-of-concept script for CVE-2022-22274 and CVE-2023-0656, which are stack-based buffer overflow vulnerabilities in SonicWall NGFW. The script tests for vulnerability and can trigger a denial-of-service (DoS) by sending maliciously crafted HTTP requests with long URI paths.

Description

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

Exploits (4)

nomisec WORKING POC 19 stars
by BishopFox · poc
https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656

This repository contains a proof-of-concept script for CVE-2022-22274 and CVE-2023-0656, which are stack-based buffer overflow vulnerabilities in SonicWall NGFW. The script tests for vulnerability and can trigger a denial-of-service (DoS) by sending maliciously crafted HTTP requests with long URI paths.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: SonicWall NGFW (SonicOS)
No auth needed
Prerequisites: Network access to the SonicWall NGFW web management interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 6 stars
by 4lucardSec · dos
https://github.com/4lucardSec/Sonic_CVE-2022-22274_poc

This PoC exploits CVE-2022-22274 by sending a crafted packet to a vulnerable server, likely targeting a buffer overflow or memory corruption vulnerability. The exploit constructs a malicious packet with specific patterns and sends it via a TCP socket.

Classification
Working Poc 80%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: SonicWall (specific version not specified)
No auth needed
Prerequisites: Network access to the target server · Target server running vulnerable SonicWall software
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by forthisvideo · dos
https://github.com/forthisvideo/CVE-2022-22274_poc

This PoC exploits CVE-2022-22274 by sending a crafted packet with a base64-encoded payload to a vulnerable server. The payload consists of structured binary data (0x41414141, 0x42424242, 0x43434343) likely targeting a memory corruption or buffer overflow vulnerability.

Classification
Working Poc 80%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Unknown (CVE-2022-22274 likely affects a specific network service)
No auth needed
Prerequisites: Network access to the vulnerable service · Service listening on the specified port
devstral-2 · analyzed Feb 16, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/pwneddr/sonic_cve-2022-22274_poc

The repository contains a functional Python PoC for CVE-2022-22274, which exploits a buffer overflow vulnerability in SonicWall SMA100 devices. The script constructs a malicious packet with specific patterns (0x41414141, 0x42424242, 0x43434343) and sends it to a target server, demonstrating the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: SonicWall SMA100
No auth needed
Prerequisites: network access to the target server · Python environment
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.4861
EPSS Percentile 97.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-09-12
CWE
CWE-121 CWE-787
Status published
Products (2)
sonicwall/sonicos < 7.0.1-5050
sonicwall/sonicosv < 6.5.4.4-44v-21-1452
Published Mar 25, 2022
Tracked Since Feb 18, 2026