Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSonicwallCVELIST:CVE-2021-20038
HistoryDec 08, 2021 - 9:55 a.m.

CVE-2021-20038

2021-12-0809:55:20
CWE-121
sonicwall
www.cve.org
2

9.9 High

AI Score

Confidence

High

0.949 High

EPSS

Percentile

99.3%

JSON

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server’s mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a ‘nobody’ user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.

CNA Affected

[
  {
    "product": "SonicWall SMA100",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "10.2.0.8-37sv and earlier"
      },
      {
        "status": "affected",
        "version": "10.2.1.1-19sv and earlier"
      },
      {
        "status": "affected",
        "version": "10.2.1.2-24sv and earlier"
      }
    ]
  }
]

Related

prion 1
checkpoint_advisories 1
githubexploit 5
cve 1
cisa_kev 1
nuclei 1
nvd 1
attackerkb 1
zdt 1
metasploit 1
packetstorm 1
thn 2
ics 3
threatpost 2
rapid7blog 4
nessus 1
cisa 1
prion
prion
Stack overflow
2021-12-08 10:15:00
checkpoint_advisories
checkpoint_advisories
SonicWall SMA100 Buffer Overflow (CVE-2021-20038)
2022-02-06 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-26 04:38:11
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
cve
cve
CVE-2021-20038
2021-12-08 10:15:07
cisa_kev
cisa_kev
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
2022-01-28 00:00:00
nuclei
nuclei
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
2022-01-18 05:20:14
nvd
nvd
CVE-2021-20038
2021-12-08 10:15:07
attackerkb
attackerkb
CVE-2021-20038
2022-01-11 00:00:00
zdt
zdt
SonicWall SMA 100 Series Authenticated Command Injection Exploit
2022-01-13 00:00:00
metasploit
metasploit
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-10 20:43:50
packetstorm
packetstorm
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-13 00:00:00
thn
thn
North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations
2023-02-10 11:52:00
SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
2021-12-09 05:18:00
ics
ics
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
2023-02-09 12:00:00
2021 Top Routinely Exploited Vulnerabilities
2022-04-28 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
threatpost
threatpost
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
2021-12-08 19:16:54
Critical SonicWall NAC Vulnerability Stems from Apache Mods
2022-01-11 14:09:21
rapid7blog
rapid7blog
CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
2022-01-11 14:00:00
SonicWall Recommends Urgent Patching for GMS and Analytics CVEs
2023-07-13 14:56:13
Metasploit Weekly Wrap-Up
2022-01-14 19:00:29
nessus
nessus
SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)
2021-12-09 00:00:00
cisa
cisa
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
2022-01-28 00:00:00

9.9 High

AI Score

Confidence

High

0.949 High

EPSS

Percentile

99.3%

JSON
Related for CVELIST:CVE-2021-20038
prion1checkpoint_advisories1githubexploit5cve1cisa_kev1nuclei1nvd1attackerkb1zdt1metasploit1packetstorm1thn2ics3threatpost2rapid7blog4nessus1cisa1