Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sma 500V Security Vulnerabilities

cve
cve

CVE-2021-20016

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

9.8CVSS

9.6AI Score

0.026EPSS

2021-02-04 06:15 AM
1161
In Wild
29
cve
cve

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

9.1CVSS

9.2AI Score

0.701EPSS

2021-09-27 06:15 PM
82
2
cve
cve

CVE-2021-20035

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

6.5CVSS

6.4AI Score

0.002EPSS

2021-09-27 06:15 PM
20