Lucene search
K

138 matches found

Vulnrichment
Vulnrichment
added 2024/01/17 11:57 p.m.12 views

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...

6.9AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.5 views

SonicWALL NetExtender Security Vulnerabilities

SonicWALL NetExtender is a software application from SonicWALL USA that allows remote users to connect to remote networks in a secure manner. Provides simple and secure access for Windows and Linux users. A security vulnerability exists in SonicWall NetExtender client version 10.2.337 and earlier...

5.5CVSS7AI score0.00213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.11 views

The vulnerability of the SonicWall NetExtender software for providing remote access allows a intruder to execute arbitrary commands.

The vulnerability of the SonicWall NetExtender software for providing remote access is related to insecure management of privileges. Exploiting this vulnerability could allow a hacker to execute arbitrary commands...

7.3CVSS7.6AI score0.00294EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/10/27 8:15 a.m.18 views

CVE-2023-44220

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...

7.3CVSS7.2AI score0.00294EPSS
Exploits0References1
OSV
OSV
added 2023/10/27 8:15 a.m.4 views

CVE-2023-44220

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...

7.3CVSS5.9AI score0.00294EPSS
Exploits0References1
Prion
Prion
added 2023/10/27 8:15 a.m.22 views

Spoofing

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...

4.1CVSS7.1AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/27 7:44 a.m.20 views

CVE-2023-44220

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...

7.4AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/27 7:44 a.m.13 views

CVE-2023-44220

SonicWall NetExtender Windows 32-bit and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system...

6.9AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2023/10/27 7:44 a.m.68 views

CVE-2023-44220

CVE-2023-44220 affects SonicWall NetExtender Windows client (32-bit and 64-bit) versions 10.2.336 and earlier. The root cause is a DLL Search Order Hijacking vulnerability in the startup DLL component, which could allow a local attacker to execute commands on the target system. Exploitation is de...

7.3CVSS7.1AI score0.00294EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.5 views

SonicWall NetExtender Windows client security vulnerability

SonicWALL NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from SonicWALL, Inc. A security vulnerability exists in SonicWall NetExtender Windows client version 10.2.336 and earlier, which originates from a DLL hijacking vulnerability in the componen...

7.3CVSS7.2AI score0.00294EPSS
Exploits0References2
SonicWall
SonicWall
added 2023/10/25 8:25 a.m.10 views

SonicWall NetExtender Windows Client DLL Search Order Hijacking Vulnerability

SonicWall NetExtender Windows 32 and 64-bit client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system. SonicWall strongly advises SSL VPN...

7.3CVSS6.7AI score0.00294EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.4 views

PT-2023-6720 · Sonicwall · Sonicwall Netextender Windows Client

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender Windows client versions 10.2.336 and earlier Description: The issue is related to a DLL Search Order Hijacking vulnerability in the start-up DLL component of the SonicWall NetExtender Windows client. This vulnerability c...

7.3CVSS7.3AI score0.00294EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.5 views

The software for providing remote access by SonicWall NetExtender exposes vulnerabilities, allowing attackers to gain access to the Windows operating system of the host with SYSTEM privileges.

The vulnerability of the SonicWall NetExtender software for providing remote access is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to gain access to the Windows operating system of the host with SYSTEM privileges...

8.8CVSS7.3AI score0.00202EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.5 views

The vulnerability of the MSI-client software of the remote access solution SonicWall NetExtender allows a hacker to increase their privileges.

The vulnerability of the MSI client software used by SonicWall NetExtender for remote access control is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00178EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/10/03 8:15 a.m.17 views

CVE-2023-44218

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...

8.8CVSS8.8AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2023/10/03 8:15 a.m.5 views

CVE-2023-44217

A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality...

7.8CVSS5.8AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2023/10/03 8:15 a.m.5 views

CVE-2023-44218

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...

7.8CVSS5.8AI score0.00202EPSS
Exploits0References1
Prion
Prion
added 2023/10/03 8:15 a.m.20 views

Privilege escalation

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...

4.3CVSS7.8AI score0.00202EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/03 8:0 a.m.25 views

CVE-2023-44218

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation LPE vulnerability...

8.8CVSS9AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2023/10/03 8:0 a.m.78 views

CVE-2023-44218

SonicWall NetExtender Pre-Logon vulnerability (CVE-2023-44218) affects the Windows NetExtender Pre-Logon feature, enabling local privilege escalation to SYSTEM. The root cause is described as insecure privilege management. Impact is unauthorized host access with SYSTEM privileges; no exploit deta...

8.8CVSS7.8AI score0.00202EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder