Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
668
VMScore

CVE-2022-22274

Published: 25/03/2022 Updated: 31/03/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Sonicwall

Vulnerability Summary

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated malicious user to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall sonicos

sonicwall sonicosv

Vendor Advisories

Check Point Security Alerts: SonicWall SonicOS Buffer Overflow (CVE-2022-22274; CVE-2023-0656)
Check Point Reference: CPAI-2023-1468 Date Published: 18 Jan 2024 Severity: Critical ...

Github Repositories

https://github.com/forthisvideo/CVE-2022-22274_poc

CVE-2022-22274_poc

https://github.com/pwneddr/Sonic_CVE-2022-22274_poc

Sonic_CVE-2022-22274-_poc nvdnistgov/vuln/detail/CVE-2022-22274

https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656

SonicWall NGFW CVE-2022-22274 & CVE-2023-0656 On March 24, 2022, SonicWall released an advisory

Recent Articles

More than 178,000 SonicWall firewalls are exposed to old denial of service bugs
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Majority of public-facing devices still unpatched against critical vulns from as far back as 2022

More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims. A study by Jon Williams, senior security engineer at Bishop Fox, this week highlights what he refers to as weapons-grade patch apathy from SonicWall customers, with the number of exploitable devices representing 76 percent of those that are public-facing. With a focus on CVE-2022-22274 and CVE-2023-0656 specifically, Williams said 178,637 of 233,984 public-facing SonicWall next-g...

Read more...

References

CWE-787https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003https://nvd.nist.govhttps://github.com/forthisvideo/CVE-2022-22274_pochttps://www.theregister.co.uk/2024/01/16/more_than_178000_sonicwall_firewalls/https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1468.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook