Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and previous versions versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Sonicwall Netextender
Sonicwall Capture Client
1 Github repository
3.5
CVSSv2
CVE-2018-5691
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
Sonicwall Analyzer
Sonicwall Global Management System
7.5
CVSSv2
CVE-2001-0376
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote malicious user ...
Sonicwall Soho2 6.0.0
Sonicwall Tele2 6.0.0
4
CVSSv2
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated malicious user to read an arbitrary file on the remote host.
Sonicwall Email Security
Sonicwall Hosted Email Security
5
CVSSv2
CVE-2000-1098
The web server for the SonicWALL SOHO firewall allows remote malicious users to cause a denial of service via an empty GET or POST request.
Sonicwall Soho Firewall 5.0.0
Sonicwall Soho Firewall 4.0.0
5
CVSSv2
CVE-2000-1097
The web server for the SonicWALL SOHO firewall allows remote malicious users to cause a denial of service via a long username in the authentication page.
Sonicwall Soho Firewall 4.0.0
Sonicwall Soho Firewall 5.0.0
10
CVSSv2
CVE-2007-5815
Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 prior to 2.1, and SSL-VPN 2000/4000 prior to 2.5, allows remote malicious users to delete arbitrary files via a full pathname in the argument to the FileDelete method.
Sonicwall Ssl Vpn2000\\/4000
Sonicwall Ssl Vpn 200
1 EDB exploit
9
CVSSv2
CVE-2021-20026
A vulnerability in the SonicWall NSM On-Prem product allows an authenticated malicious user to perform OS command injection using a crafted HTTP request. This vulnerability affects NSM On-Prem 2.2.0-R10 and previous versions versions.
Sonicwall Network Security Manager
Sonicwall Network Security Manager 2.2.0
9.3
CVSSv2
CVE-2007-6273
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote malicious users to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connect...
Sonicwall Global Vpn Client 3.1.556
Sonicwall Global Vpn Client 4.0.0.810
1 EDB exploit
5.8
CVSSv2
CVE-2019-12257
Wind River VxWorks 6.6 up to and including 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
Windriver Vxworks
Sonicwall Sonicos
Sonicwall Sonicos 6.2.7.1
Sonicwall Sonicos 6.2.7.7
Sonicwall Sonicos 6.2.7.0
Siemens Siprotec 5 Firmware
Netapp E-series Santricity Os Controller
Siemens Ruggedcom Win7000 Firmware
Siemens Ruggedcom Win7018 Firmware
Siemens Ruggedcom Win7025 Firmware
Siemens Ruggedcom Win7200 Firmware
Belden Hirschmann Hios
Belden Garrettcom Magnum Dx940e Firmware
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »