Lucene search
+L

7 matches found

HackRead
HackRead
added 2025/05/03 9:26 p.m.67 views

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities CVE-2024-38475 & CVE-2023-44221 potentially leading to full system takeover…...

9.1CVSS9.7AI score0.99957EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2025/04/29 12:0 a.m.2 views

VulnCheck KEV: CVE-2023-44221

SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user...

7.2CVSS6AI score0.74933EPSS
Exploits0References1
Circl
Circl
added 2023/12/24 3:26 p.m.22 views

CVE-2023-44221

creationtimestamp| type| source ---|---|--- 2023-12-24 15:26:20+00:00| seen| https://t.me/ctinow/159038 2025-04-30 16:18:31+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114427816217281348 2025-04-30 18:14:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14107 2025-05-01...

7.2CVSS7.4AI score0.74933EPSS
Exploits0References68
NVD
NVD
added 2023/12/05 9:15 p.m.14 views

CVE-2023-44221

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...

7.2CVSS0.74933EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/05 8:10 p.m.28 views

CVE-2023-44221

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...

7.4AI score0.74933EPSS
Exploits0References1
CVE
CVE
added 2023/12/05 8:10 p.m.168 views

CVE-2023-44221

The CVE-2023-44221 entry concerns SonicWall SMA100 appliances with the SSL-VPN management interface. A vulnerability in improper neutralization of special elements allows a remote authenticated attacker with administrative privileges to inject arbitrary commands as a nobody user, enabling OS Comm...

7.2CVSS7.1AI score0.74933EPSS
In wildExploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/12/05 12:0 a.m.53 views

CVE-2023-44221

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a ‘nobody’ user, potentially leading to OS Command Injection Vulnerability. Recent assessments: Assessed...

7.2CVSS7.4AI score0.74933EPSS
In wildExploits0References2
Rows per page
Query Builder