CVE-2026-0205
MEDIUMSonicOS < 6.5.5.2-28n - Authenticated Path Traversal
Title source: llmDescription
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004
Scores
CVSS v3
6.8
EPSS
0.0043
EPSS Percentile
33.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-35
Status
published
Products (5)
sonicwall/sonicos
< 6.5.5.2-28n
SonicWall/SonicOS
6.5.5.1-6n and older versions
SonicWall/SonicOS
7.0.1-5169 and older versions
SonicWall/SonicOS
7.3.1-7013 and older versions
SonicWall/SonicOS
8.1.0-8017 and older versions
Published
Apr 29, 2026
Tracked Since
Apr 29, 2026