NotCVE - vendor:"Sonicwall" product:"Sma 100 Firmware" version:" <= 9.0.0.4"

Page 2 of 9 results (0.015 seconds)

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2019-7484

https://notcve.org/view.php?id=CVE-2019-7484

Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. Una inyección SQL autenticada en SonicWall SMA100, permite al usuario conseguir acceso de solo lectura a recursos no autorizados utilizando el script viewcacert CGI. Esta vulnerabilidad impactó a SMA100 versión 9.0.0.3 y anteriores. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2019-7482

https://notcve.org/view.php?id=CVE-2019-7482

Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. Un desbordamiento de búfer en la región heap de la memoria en SonicWall SMA100, permite a un usuario no autenticado ejecutar código arbitrario en la función libSys.so. Esta vulnerabilidad impactó a SMA100 versión 9.0.0.3 y anteriores. • https://github.com/b4bay/CVE-2019-7482 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0017 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

CVE-2019-7483 – SonicWall SMA100 Directory Traversal Vulnerability

https://notcve.org/view.php?id=CVE-2019-7483

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. En SonicWall SMA100, una vulnerabilidad de Salto de Directorio no autenticada en el handleWAFRedirect CGI permite al usuario probar la presencia de un archivo en el servidor. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0018 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 91%CPEs: 2EXPL: 0

CVE-2019-7481 – SonicWall SMA100 SQL Injection Vulnerability

https://notcve.org/view.php?id=CVE-2019-7481

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier. Una vulnerabilidad en SonicWall SMA100, permite a usuarios no autenticados conseguir acceso de solo lectura a recursos no autorizados. Esta vulnerabilidad impacta a SMA100 versión 9.0.0.3 y anteriores. SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

1 2