CVSS: 10.0EPSS: 94%CPEs: 398EXPL: 421CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
10 Dec 2021 — Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.... • https://packetstorm.news/files/id/171626 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 0CVE-2021-20045
https://notcve.org/view.php?id=CVE-2021-20045
08 Dec 2021 — A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Una vulnerabilidad de desbordamiento de búfer en el método RAC_COPY_TO (RacNumber 36) de SMA100 permite a un atacante remoto no autenticado ejecutar potencialmente código como el usuario "nobody" en el dispositivo. Esta vulnerabilidad afecta a l... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 4%CPEs: 15EXPL: 0CVE-2021-20044
https://notcve.org/view.php?id=CVE-2021-20044
08 Dec 2021 — A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Una vulnerabilidad de inyección de comandos remotos después de la autenticación en SonicWall SMA100 permite a un atacante remoto autenticado ejecutar comandos del Sistema Operativo en el dispositivo. Esta vulnerabilidad afecta a los dispositivos SMA 200, 210, 400, 410 y 5... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 1%CPEs: 15EXPL: 0CVE-2021-20043
https://notcve.org/view.php?id=CVE-2021-20043
08 Dec 2021 — A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Una vulnerabilidad de desbordamiento del búfer en la región Heap de la memoria en el método getBookmarks de SonicWall SMA100 permite a un atacante remoto autenticado ejecutar potencialmente código como el usuario nobody en el dispositivo. Esta vulnerabi... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-20042
https://notcve.org/view.php?id=CVE-2021-20042
08 Dec 2021 — An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Un atacante remoto no autenticado puede usar el SMA 100 como un proxy no intencionado o un proxy no detectable para omitir las reglas del firewall. Esta vulnerabilidad afecta a los dispositivos SMA 200, 210, 400, 410 y 500v • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-20041
https://notcve.org/view.php?id=CVE-2021-20041
08 Dec 2021 — An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Un adversario no autenticado y remoto puede consumir toda la CPU del dispositivo debido a peticiones HTTP diseñadas enviadas a SMA100 /fileshare/sonicfiles/sonicfiles, lo que provoca un bucle con condición de salida inalcanzable. Esta... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 0CVE-2021-20040
https://notcve.org/view.php?id=CVE-2021-20040
08 Dec 2021 — A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Una vulnerabilidad de salto de ruta relativo en la función upload de SMA100 permite a un atacante remoto no autenticado cargar páginas web o archivos diseñados como usuario "nobody". Esta vulnerabilidad afecta a los dispositivos SMA 200, 210, 400, 410 y 500v • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 9.0EPSS: 53%CPEs: 20EXPL: 2CVE-2021-20039 – SonicWall SMA 100 Series Authenticated Command Injection
https://notcve.org/view.php?id=CVE-2021-20039
08 Dec 2021 — Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. Una neutralización inapropiada de elementos especiales en el método http POST de la interfaz de administración de SMA100 "/cgi-bin/viewcert" permite a un atacante remoto autenticado inyectar comandos arbitrarios como usuario "nobody". E... • https://packetstorm.news/files/id/165563 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 94%CPEs: 20EXPL: 3CVE-2021-20038 – SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-20038
08 Dec 2021 — A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions. Una vulnerabilidad de desbordamiento de búfer en la región Stack de la memoria en las variables de entorno del módulo mod_cgi del servidor httpd de... • https://github.com/vesperp/CVE-2021-20038-SonicWall-RCE • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 14%CPEs: 19EXPL: 0CVE-2021-20035 – SonicWall SMA100 Appliances OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-20035
27 Sep 2021 — Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS. Una neutralización inapropiada de los elementos especiales en la interfaz de administración de SMA100 permite a un atacante remoto autenticado inyectar comandos arbitrarios como usuario "nobody", que conlleva potencialmente a un DoS SonicWall SMA100 appliances contain an OS command injection vulnerability in the ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •