CVE-2024-12806

🗓️ 09 Jan 2025 07:28:13Reported by sonicwallType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 77 Views

Post-authentication path traversal vulnerability in SonicOS allows remote file reading.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-12806	7 Jan 202512:38	–	circl
CNNVD	SonicWALL SonicOS 安全漏洞	9 Jan 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01663)	10 Jan 202500:00	–	cnvd
Cvelist	CVE-2024-12806	9 Jan 202507:28	–	cvelist
EUVD	EUVD-2024-51119	3 Oct 202520:07	–	euvd
NVD	CVE-2024-12806	9 Jan 202508:15	–	nvd
SonicWall	SonicOS Multiple Post-authentication Vulnerabilities	7 Jan 202516:56	–	sonicwall
Vulnrichment	CVE-2024-12806	9 Jan 202507:28	–	vulnrichment

Vulners

Node

sonicwall sonicosRange≤6.5.4.15-117n

sonicwall sonicosRange≤7.0.1-5161

sonicwall sonicosRange≤7.1.2-7019

sonicwall sonicosRange≤8.0.0-8035

AND

sonicwall gen6_hardware

sonicwall gen7_hardware

sonicwall gen7_nsv

sonicwall tz80

[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Gen6 Hardware",
      "Gen7 Hardware",
      "Gen7 NSv",
      "TZ80"
    ],
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.4.15-117n and older versions"
      },
      {
        "status": "affected",
        "version": "7.0.1-5161 and older version"
      },
      {
        "status": "affected",
        "version": "7.1.2-7019"
      },
      {
        "status": "affected",
        "version": "8.0.0-8035"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004

15 Apr 2026 00:35Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.14.9

EPSS0.00126

SSVC

CWE-37