Vulnerabilities in SonicWall

187 results
CVE-2024-29011HIGHUse of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and earlieEPSS 0.9%CVE-2022-22278A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when usEPSS 0.9%CVE-2021-20047SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploEPSS 0.9%CVE-2020-5148SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potenEPSS 0.8%CVE-2019-7484Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. TEPSS 0.8%CVE-2025-40600CRITICALUse of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause EPSS 0.8%CVE-2023-41712SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.EPSS 0.8%CVE-2023-39276 SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. EPSS 0.8%CVE-2023-39277 SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to aEPSS 0.8%CVE-2023-39279SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crashEPSS 0.8%CVE-2023-41711SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crashEPSS 0.8%CVE-2023-39280SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewEPSS 0.8%CVE-2023-39278SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crashEPSS 0.8%CVE-2024-12803HIGHA post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potenEPSS 0.8%CVE-2024-40765CRITICALAn Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of SEPSS 0.8%CVE-2025-32818HIGHA Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash tEPSS 0.8%CVE-2021-20030HIGHSonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containingEPSS 0.8%CVE-2024-22394CRITICALAn improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow EPSS 0.7%CVE-2022-22276A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.EPSS 0.7%CVE-2022-22277A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.EPSS 0.7%