CVE-2024-22398

2024-03-1403:29:03

CWE-22

sonicwall

www.cve.org

vulnerability

directory traversal

remote attacker

administrative privileges

sonicwall email security

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.7%

JSON

An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Linux"
    ],
    "product": "Email Security",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "10.0.26.7807 and earlier versions"
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006