Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2025/10/11 1:30 p.m.11 views

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that...

9.8CVSS6.7AI score0.15694EPSS
Exploits0
CISA
CISA
added 2025/09/22 12:0 p.m.4 views

SonicWall Releases Advisory for Customers after Security Incident

SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain...

6.6AI score
Exploits0References3
The Hacker News
The Hacker News
added 2025/09/18 2:12 p.m.5 views

SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers

SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat...

9.8CVSS6.6AI score0.15694EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/09/10 5:44 p.m.7 views

Akira Ransomware Group Utilizing SonicWall Devices for Initial Access

Latest update – September 18, 2025 On September 17, 2025, SonicWall disclosed a security breach affecting all SonicWall customers with MySonicWall.com cloud backups enabled. The firm detected suspicious activity targeting MySonicWall.com, through which threat actors were able to access backup...

6.6AI score
Exploits0
NVD
NVD
added 2021/05/13 3:15 p.m.12 views

CVE-2021-20025

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the...

7.8CVSS0.00356EPSS
Exploits0References1
OSV
OSV
added 2021/05/13 3:15 p.m.2 views

CVE-2021-20025

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the...

7.8CVSS7.1AI score0.00356EPSS
Exploits0References1
SonicWall
SonicWall
added 2020/08/25 7:30 p.m.2 views

Insecure Direct Object Reference vulnerability in the mysonicwall.com add-user API

An insecure direct object reference vulnerability has been identified in the users/add-user API endpoint of mysonicwall.com. This could allow a normal authenticated mysonicwall user to manipulate API parameter and gain access to user group of tenant of any other mysonicwall user account. CVE: N/A...

9.9CVSS7AI score
Exploits0
Rows per page
Query Builder