Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  >> Sonicos  >> 7.1.1-7040  Security Vulnerabilities
CVE-2025-40601
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-20
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-07-29
CVE-2024-53704
Known exploited
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
CVSS Score
9.8
EPSS Score
0.938
Published
2025-01-09
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.064
Published
2024-07-18
CVE-2024-29012
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
CVSS Score
7.5
EPSS Score
0.022
Published
2024-06-20
CVE-2024-29013
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
CVSS Score
6.5
EPSS Score
0.013
Published
2024-06-20
CVE-2024-22394
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.  This issue affects only firmware version SonicOS 7.1.1-7040.
CVSS Score
9.8
EPSS Score
0.009
Published
2024-02-08
CVE-2021-20027
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-06-14
CVE-2018-5281
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved