CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

sonicwall

email_security_appliance_7000_firmware

5 known vulnerabilities · sorted by CVSS score

CVE-2021-20021

CRITICAL9.8

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

sonicwall / email_security+10

Network

Published Apr 9, 2021

CVE-2025-40604

CRITICAL9.8

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.

sonicwall / email_security_appliance_5000_firmware+4

Network

Published Nov 20, 2025

CVE-2021-20022

HIGH7.2

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

sonicwall / email_security+10

Network

Published Apr 9, 2021

CVE-2025-40605

MEDIUM5.3

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.

sonicwall / email_security_appliance_5000_firmware+4

Network

Published Nov 20, 2025

CVE-2021-20023

MEDIUM4.9

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.

sonicwall / email_security+10

Network

Published Apr 20, 2021