Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-20038
HistoryDec 08, 2021 - 10:15 a.m.

CVE-2021-20038

2021-12-0810:15:00
CWE-787
[email protected]
web.nvd.nist.gov
931
In Wild
5
cve-2021-20038
apache httpd
buffer overflow
mod_cgi
sma
vulnerability
security advisory

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.949 High

EPSS

Percentile

99.3%

JSON

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server’s mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a ‘nobody’ user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.

Social References

More

Related

prion 1
checkpoint_advisories 1
githubexploit 5
nuclei 1
cisa_kev 1
attackerkb 1
zdt 1
packetstorm 1
metasploit 1
thn 2
ics 3
threatpost 2
rapid7blog 4
cisa 1
nessus 1
prion
prion
Stack overflow
2021-12-08 10:15:00
checkpoint_advisories
checkpoint_advisories
SonicWall SMA100 Buffer Overflow (CVE-2021-20038)
2022-02-06 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-26 04:38:11
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
nuclei
nuclei
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
2022-01-18 05:20:14
cisa_kev
cisa_kev
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
2022-01-28 00:00:00
attackerkb
attackerkb
CVE-2021-20038
2022-01-11 00:00:00
zdt
zdt
SonicWall SMA 100 Series Authenticated Command Injection Exploit
2022-01-13 00:00:00
packetstorm
packetstorm
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-13 00:00:00
metasploit
metasploit
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-10 20:43:50
thn
thn
North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations
2023-02-10 11:52:00
SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
2021-12-09 05:18:00
ics
ics
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
2023-02-09 12:00:00
2021 Top Routinely Exploited Vulnerabilities
2022-04-28 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
threatpost
threatpost
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
2021-12-08 19:16:54
Critical SonicWall NAC Vulnerability Stems from Apache Mods
2022-01-11 14:09:21
rapid7blog
rapid7blog
CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
2022-01-11 14:00:00
Metasploit Weekly Wrap-Up
2022-01-14 19:00:29
SonicWall Recommends Urgent Patching for GMS and Analytics CVEs
2023-07-13 14:56:13
cisa
cisa
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
2022-01-28 00:00:00
nessus
nessus
SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)
2021-12-09 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.949 High

EPSS

Percentile

99.3%

JSON
Related for CVE-2021-20038
prion1checkpoint_advisories1githubexploit5nuclei1cisa_kev1attackerkb1zdt1packetstorm1metasploit1thn2ics3threatpost2rapid7blog4cisa1nessus1