CVE-2025-23007

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

SonicWall NetExtender Local Privilege Escalation via Arbitrary SYSTEM File Read

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. CVE: CVE-2025-23007 Last updated: March 24, 2025, 5:22 a.m...

SonicWALL NetExtender 安全漏洞

SonicWall NetExtender Windows client is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. An elevation of privilege vulnerability exists in the SonicWall NetExtender...

PT-2025-4763 · Sonicwall · Sonicwall Netextender

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender versions up to 10.3.0 Description: A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

SonicWall NetExtender Arbitrary Code Execution (SNWLID-2024-0011)

According to its self-reported version, the Sonicwall NetExtender client is vulnerable to a to arbitrary code execution when processing an EPC Client update. A remote attacker could use this vulnerability to execute code with the admin permissions on the host machine. Note that Nessus has not...

CVE-2024-29014

Vulnerability in SonicWall SMA100 NetExtender Windows 32 and 64-bit client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update...

CVE-2024-29014

Vulnerability in SonicWall SMA100 NetExtender Windows 32 and 64-bit client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update...

CVE-2024-29014

SonicWall SMA100 NetExtender Windows client (32/64-bit) versions 10.2.339 and earlier are affected by CVE-2024-29014 due to incorrect handling of EPC Client updates in the Enable Client Autoupdate service, enabling arbitrary code execution. Impact is remote code execution with high privileges on ...

CVE-2024-29014

Vulnerability in SonicWall SMA100 NetExtender Windows 32 and 64-bit client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update...

CVE-2024-29014

Vulnerability in SonicWall SMA100 NetExtender Windows 32 and 64-bit client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update...

SonicWall SMA100 NetExtender Windows Client Remote Code Execution Vulnerability

Vulnerability in SonicWall SMA100 NetExtender Windows 32 and 64-bit client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.SonicWall strongly advises SSL VPN NetExtender client users to upgrade to the latest release version...

PT-2024-5391 · Sonicwall · Sonicwall Sma100 +1

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender versions 10.2.339 and earlier Description: The issue is related to incorrect code generation management in the Enable Client Autoupdate service of the Remote Access End Point Control EPC in SonicWall NetExtender. This ca...

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

Stack overflow

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

CVE-2023-6340

SonicWall reports that Capture Client 3.7.10 and NetExtender Windows client 10.2.337 and earlier install with the sfpmonitor.sys driver. The driver has a stack-based buffer overflow that can be triggered by crafted queries, leading to Denial of Service and potentially kernel memory overwrite with...

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

SonicWALL NetExtender Security Vulnerabilities

SonicWALL NetExtender is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. A security vulnerability exists in SonicWall NetExtender client version 10.2.337 and earlier...

CVE-2023-44220

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...