CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

sonicwall

sma_500v

3 known vulnerabilities · sorted by CVSS score

CVE-2021-20016

CRITICAL9.8

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

sonicwall / sma_100_firmware+5

Network

Published Feb 4, 2021

CVE-2021-20034

CRITICAL9.1

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

sonicwall / sma_200_firmware+14

Network

Published Sep 27, 2021

CVE-2021-20035

MEDIUM6.5

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

sonicwall / sma_200_firmware+14

Network

Published Sep 27, 2021