📦 SonicOS

by SonicWall

⚠️ Known Vulnerabilities

CVE-2025-40600

CRITICAL CVSS 9.8 Jul 29, 2025

A format string vulnerability in SonicOS SSL VPN interface allows remote unauthenticated attackers to execute arbitrary code or cause denial of service by sending specially crafted requests. This affe...

CVE-2024-40766

CRITICAL CVSS 9.8 Aug 23, 2024

An improper access control vulnerability in SonicWall SonicOS management interface allows attackers to bypass authentication and access restricted resources. In worst cases, it can cause firewall cras...

CVE-2024-3596

CRITICAL CVSS 9.0 Jul 9, 2024

CVE-2024-3596 allows a local attacker to forge RADIUS protocol responses by exploiting MD5 collisions, enabling them to modify authentication outcomes. This affects any system using RADIUS under RFC 2...

CVE-2024-22394

CRITICAL CVSS 9.8 Feb 8, 2024

An improper authentication vulnerability in SonicWall SonicOS SSL-VPN allows remote attackers to bypass authentication under specific conditions. This affects organizations using SonicWall firewalls w...

CVE-2022-22274

CRITICAL CVSS 9.8 Mar 25, 2022

CVE-2022-22274 is a critical stack-based buffer overflow vulnerability in SonicOS firewalls that allows remote unauthenticated attackers to trigger denial of service or potentially execute arbitrary c...

CVE-2020-5135

CRITICAL CVSS 9.8 Oct 12, 2020

CVE-2020-5135 is a critical buffer overflow vulnerability in SonicOS firewalls that allows remote attackers to cause denial of service or potentially execute arbitrary code by sending malicious reques...

CVE-2025-40601

HIGH CVSS 7.5 Nov 20, 2025

A stack-based buffer overflow vulnerability in SonicOS SSLVPN service allows remote unauthenticated attackers to cause denial of service by crashing affected firewalls. This affects SonicWall firewall...

CVE-2024-29012

HIGH CVSS 7.5 Jun 20, 2024

A stack-based buffer overflow vulnerability in SonicOS HTTP server allows authenticated remote attackers to cause Denial of Service (DoS) by exploiting improper bounds checking in the sscanf function....

CVE-2023-41713

HIGH CVSS 7.5 Oct 17, 2023

CVE-2023-41713 is a hard-coded password vulnerability in SonicWall SonicOS affecting the 'dynHandleBuyToolbar' demo function. This allows attackers to bypass authentication and potentially gain admini...

CVE-2023-0656

HIGH CVSS 7.5 Mar 2, 2023

A stack-based buffer overflow vulnerability in SonicOS allows remote unauthenticated attackers to trigger a denial of service by crashing affected firewalls. This affects SonicWall firewalls running v...

CVE-2022-22275

HIGH CVSS 7.5 Apr 27, 2022

This vulnerability in SonicWall firewalls allows attackers to bypass security policies by sending TCP traffic through HTTP/S channels from WAN to DMZ before TCP handshake completion. This could lead t...

CVE-2021-20046

HIGH CVSS 8.8 Jan 10, 2022

A stack-based buffer overflow vulnerability in SonicOS firewalls allows remote authenticated attackers to cause denial of service and potentially execute arbitrary code by sending specially crafted HT...

CVE-2021-20019

HIGH CVSS 7.5 Jun 23, 2021

CVE-2021-20019 is a memory disclosure vulnerability in SonicOS HTTP servers where crafted HTTP requests can leak partial memory contents. This could expose sensitive internal data like credentials, se...

CVE-2021-3450

HIGH CVSS 7.4 Mar 25, 2021

This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects applications using OpenSSL 1.1.1h-1.1.1j that enable s...

CVE-2026-0401

MEDIUM CVSS 4.9 Feb 24, 2026

A post-authentication NULL pointer dereference vulnerability in SonicOS firewalls allows authenticated remote attackers to cause a denial of service by crashing the firewall. This affects organization...

CVE-2026-0399

MEDIUM CVSS 4.9 Feb 24, 2026

This CVE describes post-authentication stack-based buffer overflow vulnerabilities in SonicOS management interfaces. Attackers with valid credentials can exploit improper bounds checking in an API end...