Description
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Scores
CVSS v3
6.8
EPSS
0.0001
EPSS Percentile
1.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-35
Status
published
Products (4)
SonicWall/SonicOS
6.5.5.1-6n and older versions
SonicWall/SonicOS
7.0.1-5169 and older versions
SonicWall/SonicOS
7.3.1-7013 and older versions
SonicWall/SonicOS
8.1.0-8017 and older versions
Published
Apr 29, 2026
Tracked Since
Apr 29, 2026