Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34132
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34133
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated malicious user to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 a...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34135
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated malicious user to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous v...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34136
Vulnerability in SonicWall GMS and Analytics allows unauthenticated malicious user to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2023-34137
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versio...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
NA
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and previous versions versions.
Sonicwall Global Management System
Sonicwall Global Management System 9.3.1
Sonicwall Analytics
755
VMScore
CVE-2011-5262
SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote malicious users to execute arbitrary SQL commands via the CategoryID parameter.
Sonicwall Aventail Sra Ex9000 -
Sonicwall Aventail Sra Ex7000 -
Sonicwall Aventail Sra Ex6000 -
Sonicwall Aventail Sra Ex Virtual Appliance -
1 EDB exploit
445
VMScore
CVE-2020-5132
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an atta...
Sonicwall Sma100 Firmware 10.2.0.2-20sv
Sonicwall Sma100 Firmware 12.4.0-2223
Sonicwall Sonicos 6.5.4.6-79n
409
VMScore
CVE-2019-7487
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.
Sonicwall Sonicos
Sonicwall Sonicos Sslvpn Nacagent 3.5
NA
CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and previous versions versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Sonicwall Netextender
Sonicwall Capture Client
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »