CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sonicwall: >> Sma 400 Firmware >> 9.0.0.11-31sv Security Vulnerabilities

CVE-2021-20042

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

CVSS Score

9.8

EPSS Score

0.008

Published

2021-12-08

CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

CVSS Score

8.8

EPSS Score

0.537

Published

2021-12-08

Page 2

Vulnerabilities

Vulnerable Software

Sonicwall: >> Sma 400 Firmware >> 9.0.0.11-31sv Security Vulnerabilities

Products

Pricing

Contact Us