CVE-2021-20017

EPSS 1.8%CWE-78

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.

Affected products

SonicWall · SMA100

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0004