Sonicos Security Vulnerabilities - 2023
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
7.5CVSS
8.1AI Score
0.002EPSS
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
8.8CVSS
8.4AI Score
0.001EPSS
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
6.5CVSS
6.6AI Score
0.001EPSS
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
6.5CVSS
6.6AI Score
0.001EPSS
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
6.5CVSS
6.5AI Score
0.001EPSS
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
6.5CVSS
6.4AI Score
0.001EPSS
SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
6.5CVSS
6.4AI Score
0.001EPSS
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
6.5CVSS
6.4AI Score
0.001EPSS
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
6.5CVSS
6.4AI Score
0.001EPSS
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
7.5CVSS
7.5AI Score
0.001EPSS
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
8.8CVSS
8.5AI Score
0.001EPSS