Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall netextender vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and previous versions versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Sonicwall Netextender
Sonicwall Capture Client
1 Github repository
7.3
CVSSv3
CVE-2023-44220
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and previous versions versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system.
Sonicwall Netextender
7.8
CVSSv3
CVE-2023-44217
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and previous versions versions allows a local low-privileged user to gain system privileges through running repair functionality.
Sonicwall Netextender
7.8
CVSSv3
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.
Sonicwall Netextender
7.8
CVSSv3
CVE-2022-22281
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and previous versions versions, allows an malicious user to potentially execute arbitrary code in the host windows operating system.
Sonicwall Netextender
5.3
CVSSv3
CVE-2020-5147
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local malicious user to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and previous versio...
Sonicwall Netextender
7.8
CVSSv3
CVE-2020-5131
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows malicious user to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.8...
Sonicwall Netextender
NA
CVE-2015-4173
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender prior to 7.5.227 and 8.0.x prior to 8.0.238, as used in the SRA firmware prior to 7.5.1.2-40sv and 8.x prior to 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse pro...
Sonicwall Netextender
NA
CVE-2007-5603
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control prior to 2.1.0.51, and 2.5.x prior to 2.5.0.56, allows remote malicious users to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
Sonicwall Ssl Vpn
2 EDB exploits
NA
CVE-2007-5814
Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control prior to 2.1.0.51, and 2.5.x prior to 2.5.0.56, allow remote malicious users to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (...
Sonicwall Ssl Vpn
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started