138 matches found
CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...
SonicWALL NetExtender Security Vulnerabilities
SonicWALL NetExtender is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. A security vulnerability exists in SonicWall NetExtender client version 10.2.337 and earlier...
The vulnerability of the SonicWall NetExtender software for providing remote access allows a intruder to execute arbitrary commands.
The vulnerability of the SonicWall NetExtender software for providing remote access is related to insecure management of privileges. Exploiting this vulnerability could allow a hacker to execute arbitrary commands...
CVE-2023-44220
SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...
CVE-2023-44220
SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...
Spoofing
SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...
CVE-2023-44220
SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...
CVE-2023-44220
SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...
CVE-2023-44220
CVE-2023-44220 affects SonicWall NetExtender Windows client (32-bit and 64-bit) versions 10.2.336 and earlier. The root cause is a DLL Search Order Hijacking vulnerability in the startup DLL component, which could allow a local attacker to execute commands on the target system. Exploitation is de...
SonicWall NetExtender Windows client security vulnerability
SonicWALL NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from SonicWALL, Inc. A security vulnerability exists in SonicWall NetExtender Windows client version 10.2.336 and earlier, which originates from a DLL hijacking vulnerability in the componen...
SonicWall NetExtender Windows Client DLL Search Order Hijacking Vulnerability
SonicWall NetExtender Windows 32 and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system. SonicWall strongly advises SSL VPN...
PT-2023-6720 · Sonicwall · Sonicwall Netextender Windows Client
Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender Windows client versions 10.2.336 and earlier Description: The issue is related to a DLL Search Order Hijacking vulnerability in the start-up DLL component of the SonicWall NetExtender Windows client. This vulnerability c...
The software for providing remote access by SonicWall NetExtender exposes vulnerabilities, allowing attackers to gain access to the Windows operating system of the host with SYSTEM privileges.
The vulnerability of the SonicWall NetExtender software for providing remote access is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to gain access to the Windows operating system of the host with SYSTEM privileges...
The vulnerability of the MSI-client software of the remote access solution SonicWall NetExtender allows a hacker to increase their privileges.
The vulnerability of the MSI client software used by SonicWall NetExtender for remote access control is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...
CVE-2023-44217
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality...
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...
Privilege escalation
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...
CVE-2023-44218
SonicWall NetExtender Pre-Logon vulnerability (CVE-2023-44218) affects the Windows NetExtender Pre-Logon feature, enabling local privilege escalation to SYSTEM. The root cause is described as insecure privilege management. Impact is unauthorized host access with SYSTEM privileges; no exploit deta...