7.5
CVSSv2

CVE-2021-20045

Published: 08/12/2021 Updated: 10/12/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated malicious user to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall sma_200_firmware 10.2.0.8-37sv

sonicwall sma_200_firmware 10.2.1.1-19sv

sonicwall sma_210_firmware 10.2.0.8-37sv

sonicwall sma_210_firmware 10.2.1.1-19sv

sonicwall sma_410_firmware 10.2.0.8-37sv

sonicwall sma_410_firmware 10.2.1.1-19sv

sonicwall sma_400_firmware 10.2.0.8-37sv

sonicwall sma_400_firmware 10.2.1.1-19sv

sonicwall sma_500v_firmware 10.2.0.8-37sv

sonicwall sma_500v_firmware 10.2.1.1-19sv

Recent Articles

Make sure you're up-to-date with Sonicwall SMA 100 VPN box patches – security hole exploit info is now out
The Register • Gareth Corfield • 11 Jan 2022

Get our weekly newsletter Nothing like topping off unauth'd remote code execution with a su password of ... password

Technical details and exploitation notes have been published for a remote-code-execution vulnerability in Sonicwall SMA 100 series VPN appliances.
The information was released today by infosec outfit Rapid7. This comes about a month after Sonicwall issued a patch for the security hole, which was discovered and privately disclosed by Rapid7's Jake Baines to Sonicwall in October.
If you haven't yet applied the update, now would be a good time before it's widely exploited. So far there ...

Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
Threatpost • Tara Seals • 08 Dec 2021

Critical security vulnerabilities in SonicWall’s Secure Mobile Access (SMA) 100-series VPN appliances could allow an unauthenticated, remote user to execute code as root.
The SMA 100 line was created to provide end-to-end secure remote access to corporate resources, be they hosted on-prem, cloud or hybrid data centers. It also offers policy-enforced access control to applications after establishing user and device identity and trust.
The most severe of the bugs, officially an unaut...