Sonicos Security Vulnerabilities and Issues — Sonicos CVE List

Lucene search

SonicwallSonicos

6 matches found

CVE•added 2019/08/09 7:15 p.m.•192 views

CVE-2019-12263

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.

8.1CVSS8.7AI score0.01422EPSS

CVE•added 2019/08/09 6:15 p.m.•138 views

CVE-2019-12257

Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.

8.8CVSS9.3AI score0.24353EPSS

CVE•added 2023/03/02 10:15 p.m.•91 views

CVE-2023-1101

SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

8.8CVSS8.4AI score0.00256EPSS

CVE•added 2023/10/17 11:15 p.m.•46 views

CVE-2023-41715

SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.

8.8CVSS8.5AI score0.00274EPSS

CVE•added 2022/01/10 2:10 p.m.•36 views

CVE-2021-20046

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

8.8CVSS8.6AI score0.00935EPSS

CVE•added 2022/01/10 2:10 p.m.•35 views

CVE-2021-20048

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

8.8CVSS8.7AI score0.00935EPSS