Sonicwall: >> Sonicos >> 7.1.1-7040 Security Vulnerabilities
CVE-2024-53704
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
Known exploited
CVSS Score
9.8
EPSS Score
0.938
Published
2025-01-09
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.006
Published
2024-07-18
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
CVSS Score
7.5
EPSS Score
0.025
Published
2024-06-20
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
CVSS Score
6.5
EPSS Score
0.025
Published
2024-06-20
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.
This issue affects only firmware version SonicOS 7.1.1-7040.
CVSS Score
9.8
EPSS Score
0.009
Published
2024-02-08
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-06-14
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-01-08