Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-7481

Published: 17/12/2019 Updated: 14/09/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and previous versions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall sma_100_firmware

Github Repositories

https://github.com/itstarsec/Blueprint-Incident-Response

Blueprint-Incident-Response 72 Hours of Incident Response πŸ’»πŸ•’πŸ” Setting the Stage Financial Institute Tipped By: • Private sector (multiple times) • Law enforcement Business continuity is critical • Critical production environment IT personnel not security aware Friday 18:15 CERT Hotline Call ~23:00 - EDR installed on critical systems, time for bed! Custo

Recent Articles

Suspected Chinese cyber spies target unpatched SonicWall devices
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources They've been lurking in networks since at least 2021

Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant. The spyware targets the SonicWall Secure Mobile Access (SMA) 100 Series – a gateway device that provides VPN access to remote users.  The networking vendor confirmed the malware campaign in a statement emailed to The Register: The campaign targeted "an extremely limited number of unpa...

Read more...

References

CWE-89https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016https://nvd.nist.govhttps://github.com/itstarsec/Blueprint-Incident-Responsehttps://www.theregister.co.uk/2023/03/09/suspected_chinese_cyberspies_target_uppatched/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065open redirectCVE-2024-1086path traversalCVE-2024-29825XXECVE-2024-29822CVE-2024-20696CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook