CVE-2023-39279
https://notcve.org/view.php?id=CVE-2023-39279
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. La vulnerabilidad de desbordamiento del búfer basado posterior a la autenticación de SonicOS en el endpoint de URL getPacketReplayData.json provoca una falla del firewall. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-39278
https://notcve.org/view.php?id=CVE-2023-39278
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. La falla de aserción del usuario posterior a la autenticación de SonicOS conduce a una vulnerabilidad de desbordamiento del búfer a través de main.cgi que provoca una falla del firewall. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-39277
https://notcve.org/view.php?id=CVE-2023-39277
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. La vulnerabilidad de desbordamiento del búfer de autenticación posterior de SonicOS en los endpoints de URL sonicflow.csv y appflowsessions.csv provoca una falla del firewall. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-39276
https://notcve.org/view.php?id=CVE-2023-39276
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. La vulnerabilidad de desbordamiento del búfer de autenticación posterior de SonicOS en el endpoint de la URL getBookmarkList.json provoca una falla del firewall. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-44218
https://notcve.org/view.php?id=CVE-2023-44218
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability. Una falla dentro de la función SonicWall NetExtender Pre-Logon permite que un usuario no autorizado obtenga acceso al sistema operativo Windows host con privilegios de nivel 'SYSTEM', lo que genera una vulnerabilidad de escalada de privilegios local (LPE). • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0014 • CWE-267: Privilege Defined With Unsafe Actions •