CVE-2024-22398

MEDIUM

SonicWall Email Security Appliance - Path Traversal

Title source: llm

Description

An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.

References (1)

[Various Sources] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006

Scores

CVSS v3 4.9

EPSS 0.0022

EPSS Percentile 45.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-22 CWE-23

Status published

Products (1)

SonicWall/Email Security 10.0.26.7807 and earlier versions

Published Mar 14, 2024

Tracked Since Feb 18, 2026