Sonicwall: >> Email Security Appliance 7000 Firmware >> 10.0.9.6105 Security Vulnerabilities
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-11-20
A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-11-20
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
Known exploited
CVSS Score
4.9
EPSS Score
0.542
Published
2021-04-20