Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield network security vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-28127
An issue exists in Stormshield SNS up to and including 4.2.1. A brute-force attack can occur.
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.2.1
3.6
CVSSv2
CVE-2021-31814
In Stormshield 1.1.0, and 2.1.0 up to and including 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client.
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 1.1.0
NA
CVE-2023-47093
An issue exists in Stormshield Network Security (SNS) 4.0.0 up to and including 4.3.21, 4.4.0 up to and including 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.
Stormshield Stormshield Network Security 4.7.0
Stormshield Stormshield Network Security
7.5
CVSSv2
CVE-2020-7465
The L2TP implementation of MPD prior to 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
Mpd Project Mpd
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.4.0
5
CVSSv2
CVE-2020-7466
The PPP implementation of MPD prior to 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.
Mpd Project Mpd
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.4.0
NA
CVE-2023-28616
An issue exists in Stormshield Network Security (SNS) prior to 4.3.17, 4.4.x up to and including 4.6.x prior to 4.6.4, and 4.7.x prior to 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in clear...
Stormshield Network Security 4.7.0
Stormshield Network Security
NA
CVE-2023-26095
ASQ in Stormshield Network Security (SNS) 4.3.15 prior to 4.3.16 and 4.6.x prior to 4.6.3 allows a crash when analysing a crafted SIP packet.
Stormshield Network Security
Stormshield Network Security 4.3.15
NA
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
2.9
CVSSv2
CVE-2021-37613
Stormshield Network Security (SNS) 1.0.0 up to and including 4.2.3 allows a Denial of Service.
Stormshield Stormshield Network Security
5.8
CVSSv2
CVE-2020-8430
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string.
Stormshield Stormshield Network Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »