
5 matches found

The Hacker News
added 2025/04/17 5:44 a.m. | 22 views

CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked...

CVSS 6.5 | AI score 7.1 | EPSS 0.12838
Exploits: 0
VulnCheck KEV
added 2024/03/30 12:00 a.m. | 0 views

VulnCheck KEV: CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST HTTP method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

CVSS 9 | AI score 7.6 | EPSS 0.82461
Exploits: 5 | References: 1
BDU FSTEC
added 2022/01/12 12:00 a.m. | 1 view

The vulnerability of the Apache mod_cgi module for HTTP servers in the SonicWall network device software for the SMA series (SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v) allows attackers to execute arbitrary code.

The vulnerability of the Apache mod_cgi module for HTTP servers in the SonicWall network devices from the SMA series (SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v) is related to the execution of code outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to...

CVSS 9.8 | AI score 8.9 | EPSS 0.94292
Exploits: 7 | References: 5 | Affected Software: 6
OSV
added 2021/12/08 10:15 a.m. | 3 views

CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST HTTP method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

CVSS 8.8 | AI score 7.5 | EPSS 0.82461
Exploits: 5 | References: 3
Cvelist
added 2021/12/08 9:55 a.m. | 17 views

CVE-2021-20041

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

AI score 8.2 | EPSS 0.01317
Exploits: 0 | References: 1