Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicos vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-41712
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
Sonicwall Sonicos
7.5
CVSSv3
CVE-2023-41713
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
Sonicwall Sonicos
8.8
CVSSv3
CVE-2023-41715
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
Sonicwall Sonicos
5.3
CVSSv3
CVE-2020-5130
SonicOS SSLVPN LDAP login request allows remote malicious users to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and previous versions.
Sonicwall Sonicos
8.8
CVSSv3
CVE-2023-1101
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated malicious user to use excessive MFA codes.
Sonicwall Sonicos
7.5
CVSSv3
CVE-2021-20027
A buffer overflow vulnerability in SonicOS allows a remote malicious user to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
Sonicwall Sonicos
6.1
CVSSv3
CVE-2021-20031
A Host Header Redirection vulnerability in SonicOS potentially allows a remote malicious user to redirect firewall management users to arbitrary web domains.
Sonicwall Sonicos
8.8
CVSSv3
CVE-2021-20048
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated malicious user to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...
Sonicwall Sonicos
7.5
CVSSv3
CVE-2023-0656
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated malicious user to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
Sonicwall Sonicos
1 Github repository
1 Article
7.5
CVSSv3
CVE-2022-22275
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
Sonicwall Sonicos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »