Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:3C46076B-BAA2-4E8A-9BE1-5173E1828E48
HistorySep 27, 2021 - 12:00 a.m.

CVE-2021-20034

2021-09-2700:00:00
attackerkb.com
6
JSON

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

Recent assessments:

jbaines-r7 at October 12, 2021 8:21pm UTC reported:

Beyond denial of service purposes, CVE-2021-20034 has limited attacker value due to the inability of the attacker to easily reboot the system post-exploitation. While the vulnerability could see use by destructive attackers, it’s unlikely to be used in any type of widespread campaign like previous SonicWall vulnerabilities. See the Rapid7 analysis for full details.

Assessed Attacker Value: 2
Assessed Attacker Value: 2Assessed Attacker Value: 4

Related

nessus 1
prion 1
malwarebytes 1
thn 1
packetstorm 1
cve 1
zdt 1
exploitdb 1
nessus
nessus
SonicWall Secure Mobile Access Arbitrary File Delete (SNWLID-2021-0021)
2021-10-01 00:00:00
prion
prion
Path traversal
2021-09-27 18:15:00
malwarebytes
malwarebytes
SonicWall warns users to patch critical vulnerability β€œas soon as possible”
2021-09-24 11:09:10
thn
thn
SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices
2021-09-25 05:39:00
packetstorm
packetstorm
SonicWall SMA 10.2.1.0-17sv Password Reset
2021-10-20 00:00:00
cve
cve
CVE-2021-20034
2021-09-27 18:15:00
zdt
zdt
SonicWall SMA 10.2.1.0-17sv - Password Reset Vulnerability
2021-10-20 00:00:00
exploitdb
exploitdb
SonicWall SMA 10.2.1.0-17sv - Password Reset
2021-10-20 00:00:00
JSON
Related for AKB:3C46076B-BAA2-4E8A-9BE1-5173E1828E48
nessus1prion1malwarebytes1thn1packetstorm1cve1zdt1exploitdb1