9
CVSSv2

CVE-2021-20039

Published: 08/12/2021 Updated: 13/01/2022
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated malicious user to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall sma_200_firmware 9.0.0.11-31sv

sonicwall sma_200_firmware 10.2.0.8-37sv

sonicwall sma_200_firmware 10.2.1.1-19sv

sonicwall sma_210_firmware 9.0.0.11-31sv

sonicwall sma_210_firmware 10.2.0.8-37sv

sonicwall sma_210_firmware 10.2.1.1-19sv

sonicwall sma_410_firmware 9.0.0.11-31sv

sonicwall sma_410_firmware 10.2.0.8-37sv

sonicwall sma_410_firmware 10.2.1.1-19sv

sonicwall sma_400_firmware 9.0.0.11-31sv

sonicwall sma_400_firmware 10.2.0.8-37sv

sonicwall sma_400_firmware 10.2.1.1-19sv

sonicwall sma_500v_firmware 9.0.0.11-31sv

sonicwall sma_500v_firmware 10.2.0.8-37sv

sonicwall sma_500v_firmware 10.2.1.1-19sv

Mailing Lists

This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface Exploitation results in command execution as root The affected versions are 10212-24sv and below, 10208-37sv and below, and 90011-31sv and below ...

Recent Articles

Critical SonicWall NAC Vulnerability Stems from Apache Mods
Threatpost • Elizabeth Montalbano • 11 Jan 2022

Rapid7 has offered up more details on a SonicWall critical flaw that allows for unauthenticated remote code execution (RCE) on affected devices, noting that it arises from tweaks that the vendor made to the Apache httpd server.
The bug (CVE-2021-20038) is one of five vulnerabilities discovered in its series of popular network access control (NAC) system products.
In October, Rapid7 lead security researcher Jake Baines discovered the flaws in Sonic Wall’s Secure Mobile Access (SMA) ...