CVSS: 9.0EPSS: 91%CPEs: 4EXPL: 1CVE-2023-34127 – Sonicwall GMS 9.9.9320 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-34127
13 Jul 2023 — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://packetstorm.news/files/id/174571 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34126
https://notcve.org/view.php?id=CVE-2023-34126
13 Jul 2023 — Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-34125
https://notcve.org/view.php?id=CVE-2023-34125
13 Jul 2023 — Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-27: Path Traversal: 'dir/../../filename' •
CVSS: 10.0EPSS: 62%CPEs: 4EXPL: 1CVE-2023-34124 – SonicWALL GMS Virtual Appliance HttpDigestAuthenticator Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-34124
13 Jul 2023 — The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL GMS Virtual Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpDigestAuthenticator class. The issue results from ... • https://packetstorm.news/files/id/174571 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-34123
https://notcve.org/view.php?id=CVE-2023-34123
12 Jul 2023 — Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 0CVE-2022-22280
https://notcve.org/view.php?id=CVE-2022-22280
29 Jul 2022 — Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions. Una Neutralización Inadecuada de Elementos Especiales usados en un Comando SQL conllevando a una vulnerabilidad de inyección SQL no autenticada, que afecta a SonicWall GMS versión 9.3.1-SP2-Hotfix1, Analytics On-Prem versiones 2.5.0.3-2520 y anteriores • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 94%CPEs: 398EXPL: 413CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
10 Dec 2021 — Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.... • https://packetstorm.news/files/id/171626 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-20032
https://notcve.org/view.php?id=CVE-2021-20032
10 Aug 2021 — SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier. SonicWall Analytics versión 2.5 On-Prem es vulnerable a la vulnerabilidad de seguridad de la interfaz Java Debug Wire Protocol (JDWP) que potencialmente conlleva a una Ejecución de Código Remota. Esta vulnerabilidad afecta a Analytics On-Prem versiones 2.5.2518 y ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0018 • CWE-16: Configuration •