SonicOS Security Vulnerabilities
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2...
8.7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript...
7.6AI Score
0.0004EPSS
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS...
9.8CVSS
7.8AI Score
0.001EPSS
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo...
7.5CVSS
7.4AI Score
0.001EPSS
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall...
6.5CVSS
7.3AI Score
0.0004EPSS
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the...
8.8CVSS
7.3AI Score
0.001EPSS
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall...
6.5CVSS
7.3AI Score
0.0004EPSS
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall...
6.5CVSS
7.3AI Score
0.0004EPSS
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall...
6.5CVSS
7.8AI Score
0.0004EPSS
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall...
6.5CVSS
7.8AI Score
0.0004EPSS
SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall...
6.5CVSS
7.3AI Score
0.0004EPSS
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall...
6.5CVSS
7.4AI Score
0.0004EPSS
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA...
8.8CVSS
8.4AI Score
0.001EPSS
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to...
7.5CVSS
7.7AI Score
0.002EPSS
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in...
5.3CVSS
5.2AI Score
0.001EPSS
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized...
5.3CVSS
5.2AI Score
0.001EPSS
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is...
7.5CVSS
7.5AI Score
0.001EPSS
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS)...
7.5CVSS
7.4AI Score
0.001EPSS
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the...
9.8CVSS
9.8AI Score
0.004EPSS
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...
8.8CVSS
8.7AI Score
0.003EPSS
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...
8.8CVSS
8.7AI Score
0.003EPSS
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web...
6.1CVSS
6.2AI Score
0.012EPSS
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure...
7.5CVSS
8.2AI Score
0.005EPSS
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual...
7.5CVSS
7.6AI Score
0.002EPSS
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version...
7.5CVSS
7.6AI Score
0.002EPSS
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and...
5.3CVSS
6.9AI Score
0.002EPSS
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7...
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...
7.5CVSS
7.5AI Score
0.002EPSS
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7,...
7.5CVSS
7.5AI Score
0.002EPSS
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS...
6.5CVSS
7.5AI Score
0.002EPSS
A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...
6.5CVSS
7.5AI Score
0.001EPSS
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv.....
7.5CVSS
7.5AI Score
0.004EPSS
A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen....
6.1CVSS
5.8AI Score
0.002EPSS
A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version...
6.5CVSS
7.1AI Score
0.001EPSS
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
7.5CVSS
8AI Score
0.002EPSS
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of...
5.3CVSS
7.3AI Score
0.001EPSS
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and...
5.3CVSS
7.5AI Score
0.002EPSS
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n...
7.2CVSS
7.2AI Score
0.001EPSS
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code...
7.8CVSS
7.8AI Score
0.0004EPSS
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote...
9.8CVSS
9.2AI Score
0.065EPSS
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO...
9.8CVSS
9.3AI Score
0.289EPSS
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer...
9.8CVSS
9.3AI Score
0.937EPSS
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP...
7.5CVSS
8.4AI Score
0.063EPSS
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership...
5.3CVSS
9.2AI Score
0.009EPSS
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP...
7.5CVSS
9.3AI Score
0.011EPSS
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race...
8.1CVSS
9.2AI Score
0.018EPSS
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside...
8.8CVSS
9.4AI Score
0.93EPSS
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP...
9.8CVSS
9.5AI Score
0.059EPSS
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0,....
7.5CVSS
7.2AI Score
0.006EPSS
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8,....
9.8CVSS
7.3AI Score
0.002EPSS