Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  >> Analytics  Security Vulnerabilities
CVE-2023-34125
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
6.5
EPSS Score
0.132
Published
2023-07-13
CVE-2023-34126
Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-07-13
CVE-2023-34127
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
8.8
EPSS Score
0.909
Published
2023-07-13
CVE-2023-34128
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-07-13
CVE-2023-34123
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-07-13
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.
CVSS Score
9.8
EPSS Score
0.039
Published
2022-07-29
CVE-2021-20032
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier.
CVSS Score
9.8
EPSS Score
0.01
Published
2021-08-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved