Vulnerability Details CVE-2020-5146
A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. This vulnerability affected SMA100 Appliance version 10.2.0.2-20sv and earlier.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
References
Products affected by CVE-2020-5146
-
cpe:2.3:h:sonicwall:sma_100:-
-
cpe:2.3:o:sonicwall:sma_100_firmware:-
-
cpe:2.3:o:sonicwall:sma_100_firmware:10.0.0.0
-
cpe:2.3:o:sonicwall:sma_100_firmware:10.2.0.2-20sv
-
cpe:2.3:o:sonicwall:sma_100_firmware:9.0.0.0
-
cpe:2.3:o:sonicwall:sma_100_firmware:9.0.0.3
-
cpe:2.3:o:sonicwall:sma_100_firmware:9.0.0.4