CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 3CVE-2020-5147 – SonicWall NetExtender 10.2.0.300 - Unquoted Service Path
https://notcve.org/view.php?id=CVE-2020-5147
09 Jan 2021 — SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier. El cliente SonicWall NetExtender Windows es susceptible a una vulnerabilidad ruta de servicio sin comillas, esto permite a un atacante local alcanzar privilegios elevados en el sistema operativo host. Esta vulnerabilidad afecta al cliente ... • https://packetstorm.news/files/id/163857 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5131
https://notcve.org/view.php?id=CVE-2020-5131
17 Jul 2020 — SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier. El cliente de SonicWall NetExtender Windows es susceptible a una vulnerabilidad de escritura arbitraria de archivos, esto permite al atacante sobrescribir una DLL y ejecutar código con el mismo privilegio en el sistema ope... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4173 – Dell SonicWall NetExtender 7.5.215 Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-4173
25 Aug 2015 — Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. Vulnerabilidad en búsqueda de directorio sin entrecomillar en Windows en el valor autorun en Dell SonicWall NetExtender en versiones anteriores a 7.5.227 y 8.0.x en versiones anteriores a 8.0.238, tal como ... • http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html • CWE-428: Unquoted Search Path or Element •