41 matches found
CVE-2019-7476
A vulnerability in SonicWall Global Management System GMS, allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier...
EUVD-2019-17018
Malware in sbrugna...
EUVD-2007-6241
Malware in sbrugna...
EUVD-2021-7500
Malicious code in bioql PyPI...
CVE-2021-20037
SonicWall Global VPN Client 4.10.5 installer 32-bit and 64-bit incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier...
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 32-bit and 64-bit and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system...
CVE-2020-5144
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability...
SonicWALL GMS 安全漏洞
SonicWALL GMS is a global management system from SonicWALL, Inc. a powerful and intuitive solution for organizations, distributed enterprises, and service providers to centrally manage and rapidly deploy SonicWall Firewall, Anti-Spam, Backup and Recovery, and Secure Remote Access solutions. A...
CVE-2023-34136
Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
CVE-2023-34134
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
PT-2023-3802 · Sonicwall · Sonicwall Gms +1
Name of the Vulnerable Software and Affected Versions: SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier Description: The issue is caused by incorrect restriction of directory path names with limited access. This allows an authenticated attacker to...
PT-2023-3808 · Sonicwall · Sonicwall Gms +1
Name of the Vulnerable Software and Affected Versions: SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier Description: The issue is due to improper limitation of a pathname to a restricted directory, allowing an authenticated remote attacker to traver...
Vulnerability fixed in SonicWall GMS and Analytics
A vulnerability has been fixed in SonicWall GMS and Analytics. The vulnerability allows an unauthenticated remote malicious person able to perform an SQL injection attack under the privileges of the application. To exploit the vulnerability, the malicious party must have access to the management...
The vulnerability of the SonicWall Global VPN corporate client relates to an uncontrolled search path element, allowing a hacker to execute arbitrary code.
The vulnerability of the corporate VPN client SonicWall Global VPN is related to an uncontrolled search path element. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer 32-bit and 64-bit and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system...
SonicWall Global VPN Client 代码问题漏洞
Sonicwall Global Vpn Client is a corporate VPN client from Sonicwall USA. SonicWall Global VPN Client suffers from a code issue vulnerability that stems from an untrusted search path at load time. An attacker could exploit the vulnerability to place a malicious file that would escalate privileges...
SonicWall Global VPN Client DLL Search Order Hijacking via Application Installer
SonicWall Global VPN Client 4.10.7 installer 32-bit and 64-bit and earlier have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system. CVE: CVE-2021-20051 Last updated: Apr...
Vulnerability fixed in SonicWall Global VPN Client
A vulnerability has been fixed in SonicWall Global VPN Client. The vulnerability is in the handling of specific DLL files. A local malicious party can exploit the vulnerability to execute arbitrary code. SonicWall has released updates to fix the vulnerability fix in Global VPN Client 4.10.7. More...
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 32-bit and 64-bit and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system...
SonicWall Global VPN Client DLL Search Order Hijacking
SonicWall Global VPN client version 4.10.6 32-bit and 64-bit and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.IMPORTANT: At the time of advisory, there is no evidence to suggest tha...