Sma 200 Firmware@10.2.1.2-24sv Security Vulnerabilities and Issues — Sma 200 Firmware@10.2.1.2-24sv CVE List

Lucene search

SonicwallSma 200 Firmware10.2.1.2-24sv

3 matches found

CVE•added 2021/12/08 10:15 a.m.•1066 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware ...

9.8CVSS9.6AI score0.94311EPSS

CVE•added 2021/12/23 2:15 a.m.•48 views

CVE-2021-20049

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.

7.5CVSS7.6AI score0.00453EPSS

CVE•added 2021/12/23 2:15 a.m.•47 views

CVE-2021-20050

An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.

7.5CVSS7.9AI score0.00217EPSS