32 matches found
PT-2025-47902
CVE-2025-13197 - CVE-2022-42363: SonicWall SSL-VPN Cross-Site Request Forgery CSRF CVE ID : CVE-2025-13197 Published : Nov. 22, 2025, 11:15 p.m. | 3 hours, 26 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...
VulnCheck KEV: CVE-2022-1703
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...
EUVD-2010-2587
Malware in sbrugna...
EUVD-2007-5785
Malware in sbrugna...
EUVD-2007-5784
Malware in sbrugna...
EUVD-2022-24988
Malicious code in bioql PyPI...
EUVD-2022-27428
Malicious code in bioql PyPI...
CVE-2022-22281
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client 32 and 64 bit in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system...
CVE-2022-1703
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...
CVE-2020-5132
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of...
PT-2025-1010
Name of the Vulnerable Software and Affected Versions SonicWall versions prior to 7.1.3-7015 SonicWall versions prior to 8.0.0-8037 SonicOS versions 7.1.x up to 7.1.1-7058 SonicOS versions 7.0.1 and earlier Description An improper authentication issue exists in the SSL VPN authentication mechanis...
SonicWALL SSL-VPN Format String
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonicWALL SSL-VPN Format String Vulnerability', 'Description' = %q There is a format string vulnerability within the SonicWALL SSL-VPN Appliance ...
CVE-2022-1703
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...
CVE-2022-22281
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client 32 and 64 bit in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system...
SonicWall SSL-VPN NetExtender Windows Client Buffer Overflow Vulnerability
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client 32 and 64 bit in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system. CVE: CVE-2022-22281 Last updated: May 6, 2022, 11:44 a.m...
SonicWALL SSL VPN 1.3 3 WebCacheCleaner ActiveX FileDelete Method Traversal Arbitrary File Deletion
No description provided by source. source: http://www.securityfocus.com/bid/26288/info SonicWALL SSL VPN Client is prone to multiple remote vulnerabilities. The issues occur in different ActiveX controls and include arbitrary-file-deletion and multiple stack-based buffer-overflow vulnerabilities...
CVE-2010-2583
Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control Aventail.EPInstaller before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long 1 CabURL and 2 Location arguments to the Install3rdPartyComponent method...
CVE-2010-2583
Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control Aventail.EPInstaller before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long 1 CabURL and 2 Location arguments to the Install3rdPartyComponent method...
SonicWALL SSL VPN End Point Interrogator Installer ActiveX Control
SonicWALL SSL VPN provides secure remote access to mission-critical resources from any endpoint including desktops, laptops, PDAs and smartphones. SonicWALL SSL VPN is bundled with a number of ActiveX controls such as, EPInstaller End Point Installer and EPInterrogator End Point Interrogator, tha...
SonicWALL SSL-VPN ActiveX format string vulnerability
End-Point Interrogator/Installer ActiveX format string vulnerability in AuthCredential method...