Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and previous versions versions.
Sonicwall Global Management System
Sonicwall Global Management System 9.3.1
Sonicwall Analytics
NA
CVE-2023-34127
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated malicious user to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and p...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9
CVSSv2
CVE-2014-8420
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) prior to 7.2 SP2, SonicWALL Analyzer prior to 7.2 SP2, and SonicWALL UMA prior to 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Sonicwall Analyzer 7.2
Sonicwall Global Management System 7.2
Sonicwall Uma Em5000 -
NA
CVE-2023-34129
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote malicious user to traverse the directory and extract arbitrary files using Zip Slip method to any location on the u...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34130
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34131
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated malicious user to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous v...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34132
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34133
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated malicious user to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 a...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34134
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated malicious user to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34135
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated malicious user to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous v...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »