CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2021-20028 – SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-20028
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier Una neutralización inapropiada de un Comando SQL conllevando una vulnerabilidad de Inyección SQL impactando a los productos Secure Remote Access (SRA) al final de su vida útil, concretamente a dispositivos SRA que ejecutan todo el firmware 8.x y 9.0.0.9-26sv o anteriores SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0017 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •