Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  Security Vulnerabilities
CVE-2023-39279
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-39280
SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-10-17
CVE-2023-44217
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-34131
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
5.3
EPSS Score
0.003
Published
2023-07-13
CVE-2023-34132
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
9.8
EPSS Score
0.682
Published
2023-07-13
CVE-2023-34133
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
7.5
EPSS Score
0.852
Published
2023-07-13
CVE-2023-34134
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-07-13
CVE-2023-34135
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-07-13
CVE-2023-34136
Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-07-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved