Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  >> Sonicos  Security Vulnerabilities
CVE-2023-41715
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-10-17
CVE-2023-39276
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-39277
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-39278
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-39279
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-39280
SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-0656
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
CVSS Score
7.5
EPSS Score
0.437
Published
2023-03-02
CVE-2023-1101
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-03-02
CVE-2022-22275
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-27
CVE-2022-22274
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
CVSS Score
9.8
EPSS Score
0.492
Published
2022-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved