Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34137
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versio...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
8.8
CVSSv3
CVE-2023-34127
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated malicious user to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and p...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34130
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34132
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and previous versions versions.
Sonicwall Global Management System
Sonicwall Global Management System 9.3.1
Sonicwall Analytics
NA
CVE-2014-8420
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) prior to 7.2 SP2, SonicWALL Analyzer prior to 7.2 SP2, and SonicWALL UMA prior to 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Sonicwall Analyzer 7.2
Sonicwall Global Management System 7.2
Sonicwall Uma Em5000 -
NA
CVE-2011-5262
SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote malicious users to execute arbitrary SQL commands via the CategoryID parameter.
Sonicwall Aventail Sra Ex9000 -
Sonicwall Aventail Sra Ex7000 -
Sonicwall Aventail Sra Ex6000 -
Sonicwall Aventail Sra Ex Virtual Appliance -
1 EDB exploit
5.3
CVSSv3
CVE-2020-5132
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an atta...
Sonicwall Sma100 Firmware 10.2.0.2-20sv
Sonicwall Sma100 Firmware 12.4.0-2223
Sonicwall Sonicos 6.5.4.6-79n
5.5
CVSSv3
CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and previous versions versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Sonicwall Netextender
Sonicwall Capture Client
1 Github repository
7.8
CVSSv3
CVE-2019-7487
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.
Sonicwall Sonicos
Sonicwall Sonicos Sslvpn Nacagent 3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »