Sonicos Security Vulnerabilities and Issues — Sonicos CVE List

Lucene search

SonicwallSonicos

6 matches found

CVE•added 2024/07/09 12:15 p.m.•4354 views

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

9CVSS6.4AI score0.29718EPSS

CVE•added 2024/08/23 7:15 a.m.•398 views

CVE-2024-40766

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 dev...

9.8CVSS6.7AI score0.11099EPSS

In wild

CVE•added 2024/02/08 2:15 a.m.•94 views

CVE-2024-22394

An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040.

9.8CVSS9.4AI score0.00637EPSS

CVE•added 2024/07/18 8:15 a.m.•66 views

CVE-2024-40764

Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).

7.5CVSS7.5AI score0.06153EPSS

CVE•added 2024/06/20 9:15 a.m.•60 views

CVE-2024-29013

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.

6.5CVSS7.4AI score0.02537EPSS

CVE•added 2024/06/20 9:15 a.m.•49 views

CVE-2024-29012

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.

7.5CVSS7.4AI score0.02495EPSS