333 matches found
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
Sql injection
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x. Recent assessments: wvu-r7 at February 05, 20...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
CVE-2021-20016
CVE-2021-20016 is a SQL Injection vulnerability in SonicWall SSLVPN SMA100 (build 10.x). The description confirms remote unauthenticated access to usernames/passwords and session data. Connected sources reiterate SonicWall SSLVPN/SMA100 and CVE mention but provide no additional technical specific...
PT-2021-2884
Name of the Vulnerable Software and Affected Versions SonicWall SSLVPN SMA100 versions 10.x Description The issue is related to a SQL Injection vulnerability in the SonicWall SSLVPN SMA100 product. This vulnerability allows a remote unauthenticated attacker to perform SQL queries to access...
Weak Password Vulnerability in Jabil SSLVPN Management System
The business scope of Xi'an Jiaotong University Jiepu Network Technology Co., Ltd. includes: computer network routers, network switches, network terminal products, network information processing products, electronic products and software. A weak password vulnerability exists in the Jabil SSLVPN...
SonicWALL SonicOS Heap Overflow Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A heap overflow vulnerability exists in SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to cause a denial of service of the firewall's SSLVPN service, which can lead...
SonicWALL SonicOS Administrator Username Enumeration Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. An administrator username enumeration vulnerability exists in the SSLVPN login page of SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to enumerate the firewall...
SonicWALL SonicOS Cross-Site Scripting Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A stored cross-site scripting vulnerability exists in the SSLVPN web interface of SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to store and execute arbitrary...
SonicWALL SonicOS Denial of Service Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A denial of service vulnerability exists in the SSLVPN service in SonicWALL SonicOS that originates from the release of an invalid pointer, which can be exploited by an attacker to cause the firewa...
SonicWALL SonicOS Information Disclosure Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. An information disclosure vulnerability exists in SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to brute-force break the Virtual Assistant Work Order ID in the...
SonicWALL SonicOS Memory Address Leakage Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A memory address leakage vulnerability exists in SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to cause a denial of service of the firewall SSLVPN service by sendi...
CVE-2020-5143
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...
CVE-2020-5141
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS...
CVE-2020-5142
A stored cross-site scripting XSS vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen ...
CVE-2020-5142
A stored cross-site scripting XSS vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen ...
CVE-2020-5143
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...