365 matches found
CVE-2026-8482
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
CVE-2026-8482 Information leak in NSRPC client history
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
CVE-2026-8482
StormShield Network Security versions affected: 4.3.0–4.3.41, 4.8.0–4.8.15, and 5.0.0–5.0.5. A disclosed information-leak vulnerability arises when administration commands are executed via the CLI tool. If an attacker gains SSH access to the firewall (in SSH multiuser mode), they may obtain sensi...
EUVD-2026-41271
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
CVE-2026-8480
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
CVE-2026-8480 Connection possible to the Administration portal with a revoked certificate
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
CVE-2026-8480
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
CVE-2026-8474
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-8474
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-8474
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-8474 Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-8474 Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
EUVD-2026-33586
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-8474
Stormshield Network Security (Stormshield SNS) is affected by CVE-2026-8474. The issue affects SNS appliances running: 4.3.0–4.3.41, 4.8.0–4.8.15, and 5.0.0–5.0.5. It enables a reflected cross-site scripting (XSS) attack targeting the login API, achievable by executing a script on the victim’s br...
Stormshield Network Security 安全漏洞
Stormshield Network Security SNS is a next-generation UTM Unified Threat Management firewall developed by the French company Stormshield. Versions 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, and 5.0.0 to 5.0.5 of Stormshield Network Security contain security vulnerabilities. These vulnerabilities stem from...
PT-2026-45387
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2021-27932
Stormshield Network Security SNS VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions...
CVE-2021-28127
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur...
CVE-2021-28096
An issue was discovered in Stormshield SNS before 4.2.3 when the proxy is used. An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections...
CVE-2021-31814
In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client...