Published: 04/02/2021 Updated: 08/02/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated malicious user to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall sma_100_firmware

sonicwall sma_200_firmware -

sonicwall sma_210_firmware -

sonicwall sma_400_firmware -

sonicwall sma_410_firmware -

sonicwall sma 500v -

Github Repositories

主流供应商的一些攻击性漏洞汇总 网络安全专家 @Alexander Knorr 在推特上分享的一些有关于供应商的一些 CVE 严重漏洞,详情,仅列出了 CVE 编号,无相关漏洞详情。所以在分享的图片基础上进行新增了漏洞 Title,官方公告,漏洞分析,利用代码,概念证明以及新增或删减了多个CVE等,另外

Recent Articles

Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
Threatpost • Tara Seals • 08 Dec 2021

Critical security vulnerabilities in SonicWall’s Secure Mobile Access (SMA) 100-series VPN appliances could allow an unauthenticated, remote user to execute code as root.
The SMA 100 line was created to provide end-to-end secure remote access to corporate resources, be they hosted on-prem, cloud or hybrid data centers. It also offers policy-enforced access control to applications after establishing user and device identity and trust.
The most severe of the bugs, officially an unaut...

FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics
BleepingComputer • Sergiu Gatlan • 01 Nov 2021

The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics.
In a Friday notification coordinated with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI said that the ransomware group would take their victims' official websites down in DDoS attacks if they didn't comply with the r...

Shining a Light on DARKSIDE Ransomware Operations
Fireeye Threat Research • by Jordan Nuce, Jeremy Kennelly, Kimberly Goody, Andrew Moore, Alyssa Rahman, Brendan McKeague, Jared Wilson • 11 May 2021

Since initially surfacing in August 2020, the creators of DARKSIDE ransomware and their affiliates have launched a global crime spree affecting organizations in more than 15 countries and multiple industry verticals. Like many of their peers, these actors conduct multifaceted extortion where data is both exfiltrated and encrypted in place, allowing them to demand payment for unlocking and the non-release of stolen data to exert more pressure on victims.
The origins of these incidents are n...

UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Fireeye Threat Research • by Tyler McLellan, Justin Moore, Raymond Leong • 29 Apr 2021

Mandiant has observed an aggressive financially motivated group, UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to a patch being available and deploying sophisticated malware previously reported by other vendors as SOMBRAT. Mandiant has linked the use of SOMBRAT to the deployment of ransomware, which has not been previously reported publicly.
UNC2447 monetizes intrusions by extorting their victims first with FIVEHANDS ransomware followed by aggressively applying pressur...