Lucene search
+L

7 matches found

Check Point Advisories
Check Point Advisories
added 2022/04/17 12:0 a.m.21 views

SonicWall SSLVPN SMA100 Authentication Bypass (CVE-2021-20016)

An authentication bypass vulnerability exists in SonicWall SSLVPN. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

7.5CVSS4.1AI score0.40038EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/04/30 1:1 p.m.206 views

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

An "aggressive" financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an "improper S...

9.8CVSS1AI score0.40038EPSS
Exploits0
Circl
Circl
added 2021/02/04 12:34 p.m.20 views

CVE-2021-20016

creationtimestamp| type| source ---|---|--- 2021-02-04 12:34:03+00:00| seen| https://t.me/cibsecurity/23046 2021-04-30 12:25:17+00:00| exploited| https://t.me/truesecator/1668 2021-05-24 09:56:40+00:00| seen| MISP/d81c3a80-018d-413d-9f11-59aa0c67e761 2021-06-07 13:36:14+00:00| seen|...

9.8CVSS7.5AI score0.40038EPSS
Exploits0References19
ATTACKERKB
ATTACKERKB
added 2021/02/04 12:0 a.m.157 views

CVE-2021-20016

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x. Recent assessments: wvu-r7 at February 05, 20...

9.8CVSS9.7AI score0.40038EPSS
In wildExploits0References2
CVE
CVE
added 2021/02/03 8:35 p.m.1397 views

CVE-2021-20016

CVE-2021-20016 is a SQL Injection vulnerability in SonicWall SSLVPN SMA100 (build 10.x). The description confirms remote unauthenticated access to usernames/passwords and session data. Connected sources reiterate SonicWall SSLVPN/SMA100 and CVE mention but provide no additional technical specific...

9.8CVSS9.6AI score0.40038EPSS
In wildExploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/03 12:0 a.m.146 views

SonicWall Secure Mobile Access Remote Code Execution (SNWLID-2021-0001)

According to its self-reported version, the remote SonicWall Secure Mobile Access is affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. Note that Nessus has not tested for these issues bu...

9.8CVSS8.8AI score0.40038EPSS
Exploits0References3
SonicWall
SonicWall
added 2021/01/23 10:36 a.m.19 views

Confirmed Zero-day vulnerability in the SonicWall SMA100 build version 10.x

A vulnerability resulting in improper SQL command neutralization in the SonicWall SSLVPN SMA100 product allows remote exploitation for credential access by an unauthenticated attacker. This vulnerability impacts SMA100 build version 10.x. CVE: CVE-2021-20016 Last updated: Feb. 3, 2021, 9:11 p.m...

9.8CVSS9.9AI score0.40038EPSS
Exploits0
Rows per page
Query Builder