CVE-2021-20048
CVE-2021-20048
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
Affected products
SonicWall · SonicOSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →