37 matches found
EUVD-2020-26378
Malware in sbrugna...
EUVD-2020-26394
Malware in sbrugna...
EUVD-2023-48579
Malicious code in bioql PyPI...
EUVD-2025-10705
Malicious code in bioql PyPI...
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. "NetExtender enables remote users to securely connect and run applications on the company network," SonicWall...
CVE-2020-5147
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier...
CVE-2020-5131
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier...
SonicWall NetExtender Windows client Improper Link Resolution Vulnerability
SonicWALL NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from SonicWALL USA. The SonicWALL NetExtender Windows client suffers from an improper link resolution vulnerability that stems from improper link resolution, which can be exploited by an...
SonicWall NetExtender Windows client elevation of privilege vulnerability
SonicWall NetExtender Windows client is a Windows-based SSL VPN Virtual Private Network client application from SonicWALL USA. An elevation of privilege vulnerability exists in SonicWall NetExtender Windows client, which can be exploited by an attacker to elevate privileges and arbitrary file...
CVE-2025-23010
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to manipulate file paths...
CVE-2025-23009
A local privilege escalation vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to trigger an arbitrary file deletion...
CVE-2025-23008
An improper privilege management vulnerability in the SonicWall NetExtender Windows 32 and 64 bit client allows a low privileged attacker to modify configurations...
CVE-2025-23010
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to manipulate file paths...
CVE-2025-23010
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to manipulate file paths...
CVE-2025-23010
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to manipulate file paths...
CVE-2025-23010
SonicWall NetExtender Windows client (32/64-bit) is affected by CVE-2025-23010: an Improper Link Resolution Before File Access (Link Following) vulnerability that can allow an attacker to manipulate file paths. Concrete details in connected sources indicate affected versions include 10.3.1 and ea...
CVE-2025-23009
A local privilege escalation vulnerability in SonicWall NetExtender Windows 32 and 64 bit client which allows an attacker to trigger an arbitrary file deletion...
CVE-2025-23008
An improper privilege management vulnerability in the SonicWall NetExtender Windows 32 and 64 bit client allows a low privileged attacker to modify configurations...
CVE-2025-23008
An improper privilege management vulnerability in the SonicWall NetExtender Windows 32 and 64 bit client allows a low privileged attacker to modify configurations...
CVE-2025-23008
CVE-2025-23008 affects SonicWall NetExtender Windows client (32/64-bit). The issue is improper privilege management that allows a low-privileged attacker to modify configurations, with high impact on confidentiality, integrity, and availability (per CVSS 3.1). The advisory notes upgrade to a fixe...