Published: 12/10/2020 Updated: 03/09/2022

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

A buffer overflow vulnerability in SonicOS allows a remote malicious user to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sonicwall sonicos 7.0.0.0
sonicwall sonicos
sonicwall sonicosv

If you want to practice writing exploits and worms, there's a big hijacking hole in SonicWall firewall VPNs

The Register • Gareth Corfield • 16 Oct 2020

And some 800,000 installations facing the internet, patches are available Zyxel storage, firewall, VPN, security boxes have a give-anyone-on-the-internet-root hole: Patch right now

A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. The stack-based buffer overflow (CVE-2020-5135) uncovered by infosec outfit Tripwire can be triggered by an “unauthenticated HTTP request involving a custom protocol handler” – and, most worryingly, could have been deployed by an “unskilled attacker.” The biz said about 800,000 devices were discoverable through device sea...

CVE-2020-5135

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect