Lucene search
K
SonicwallNetextender

9 matches found

CVE
CVE
added 2021/01/09 12:15 a.m.193 views

CVE-2020-5147

CVE-2020-5147 affects SonicWall NetExtender Windows client (version 10.2.300 and earlier). The root cause is an unquoted service path, enabling a local attacker to gain elevated privileges on the host. The CVE description in multiple sources confirms the vulnerable component as the NetExtender Wi...

5.3CVSS5.6AI score0.01658EPSS
CVE
CVE
added 2022/05/13 7:40 p.m.102 views

CVE-2022-22281

CVE-2022-22281 affects SonicWall SSL-VPN NetExtender Windows Client (32/64‑bit) up to version 10.2.322. The root cause is a boundary/stack‑based buffer overflow in NetExtender, allowing a local attacker to potentially execute arbitrary code on the Windows host. Impact is high (local, code executi...

7.8CVSS7.9AI score0.00474EPSS
CVE
CVE
added 2023/10/03 8:0 a.m.78 views

CVE-2023-44218

SonicWall NetExtender Pre-Logon vulnerability (CVE-2023-44218) affects the Windows NetExtender Pre-Logon feature, enabling local privilege escalation to SYSTEM. The root cause is described as insecure privilege management. Impact is unauthorized host access with SYSTEM privileges; no exploit deta...

8.8CVSS7.8AI score0.00202EPSS
CVE
CVE
added 2024/07/18 7:37 a.m.72 views

CVE-2024-29014

SonicWall SMA100 NetExtender Windows client (32/64-bit) versions 10.2.339 and earlier are affected by CVE-2024-29014 due to incorrect handling of EPC Client updates in the Enable Client Autoupdate service, enabling arbitrary code execution. Impact is remote code execution with high privileges on ...

8.8CVSS7.3AI score0.01864EPSS
CVE
CVE
added 2023/10/27 7:44 a.m.68 views

CVE-2023-44220

CVE-2023-44220 affects SonicWall NetExtender Windows client (32-bit and 64-bit) versions 10.2.336 and earlier. The root cause is a DLL Search Order Hijacking vulnerability in the startup DLL component, which could allow a local attacker to execute commands on the target system. Exploitation is de...

7.3CVSS7.1AI score0.00294EPSS
CVE
CVE
added 2023/10/03 7:54 a.m.61 views

CVE-2023-44217

SonicWall Net Extender MSI client for Windows is affected (versions 10.2.336 and earlier). The issue is a local privilege escalation where a low-privileged user can gain SYSTEM by abusing the REPAIR function, related to insecure privilege management. Public details indicate the vulnerability aris...

7.8CVSS7.8AI score0.00178EPSS
CVE
CVE
added 2024/01/17 11:57 p.m.58 views

CVE-2023-6340

SonicWall reports that Capture Client 3.7.10 and NetExtender Windows client 10.2.337 and earlier install with the sfpmonitor.sys driver. The driver has a stack-based buffer overflow that can be triggered by crafted queries, leading to Denial of Service and potentially kernel memory overwrite with...

5.5CVSS5.5AI score0.00213EPSS
CVE
CVE
added 2015/08/26 7:0 p.m.53 views

CVE-2015-4173

Dell SonicWall NetExtender is affected by CVE-2015-4173, a local privilege-escalation due to an unquoted Windows search path in the autorun value. Affected as: NetExtender before 7.5.227 and 8.0.x before 8.0.238, used with SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv. Root cause: ...

6.9CVSS8.7AI score0.02066EPSS
CVE
CVE
added 2020/07/17 5:15 p.m.44 views

CVE-2020-5131

CVE-2020-5131 affects SonicWall NetExtender Windows client up to version 9.0.815. The vulnerability is an arbitrary file write that enables overwriting a DLL, allowing code execution with the same privileges on the host OS. The CVE is described in multiple sources (e.g., Red Hat advisory and CNVD...

7.8CVSS7.7AI score0.00548EPSS