Vulnerabilidades em SonicWall

187 resultados
CVE-2023-34128Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlieEPSS 0.6%CVE-2024-45317HIGHA Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenEPSS 0.6%CVE-2020-5144SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded EPSS 0.6%CVE-2020-5131SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute cEPSS 0.5%CVE-2024-29012MEDIUMStack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoSEPSS 0.5%CVE-2022-2324Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service iEPSS 0.5%CVE-2026-0206MEDIUMA post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.EPSS 0.5%CVE-2022-22281A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allowsEPSS 0.5%CVE-2019-7487Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotesEPSS 0.5%CVE-2024-12802CRITICALSSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (SecurEPSS 0.5%CVE-2024-22395MEDIUMImproper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could poEPSS 0.4%CVE-2026-0205MEDIUMA post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.EPSS 0.4%CVE-2026-0400MEDIUMA post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.EPSS 0.4%CVE-2026-0204HIGHA vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific EPSS 0.4%CVE-2026-4116HIGHImproper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/CEPSS 0.4%CVE-2021-20037SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalatiEPSS 0.4%CVE-2025-40603MEDIUMA potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrEPSS 0.4%CVE-2026-3469LOWA denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remoteEPSS 0.4%CVE-2025-23010HIGHAn Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client whicEPSS 0.4%CVE-2026-4113HIGHAn observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN usEPSS 0.4%