Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall scrutinizer vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2014-4976
Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.
Sonicwall Scrutinizer 11.0.1
6.5
CVSSv2
CVE-2014-4977
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the (2) user_id parameter in the changeUnit ...
Sonicwall Scrutinizer 11.0.1
1 EDB exploit
5
CVSSv2
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 does not require token authentication, which allows remote malicious users to add administrative accounts via a userprefs action.
Sonicwall Scrutinizer
1 EDB exploit
4.3
CVSSv2
CVE-2012-3848
Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer hea...
Sonicwall Scrutinizer
1 EDB exploit
7.5
CVSSv2
CVE-2012-3951
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and previous versions has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote malicious users to execute arbitrary SQL commands via a TCP sessi...
Sonicwall Scrutinizer
1 EDB exploit
9.4
CVSSv2
CVE-2012-2627
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allows remote malicious users to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.
Sonicwall Scrutinizer
1 EDB exploit
6.5
CVSSv2
CVE-2012-2962
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
Sonicwall Scrutinizer
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started