CVSS: 7.5EPSS: 0%CPEs: 148EXPL: 0CVE-2021-20027
https://notcve.org/view.php?id=CVE-2021-20027
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls. Una vulnerabilidad de desbordamiento de búfer en SonicOS permite a un atacante remoto causar una denegación de servicio (DoS) mediante el envío de una petición especialmente diseñada. Esta vulnerabilidad afecta a las plataformas SonicOS Gen5, Gen6, Gen7 y a los firewalls virtuales SonicOSv • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 4CVE-2005-1006 – SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-1006
Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. • https://www.exploit-db.com/exploits/25331 http://archives.neohapsis.com/archives/bugtraq/2005-04/0041.html http://secunia.com/advisories/14823 http://securitytracker.com/id?1013638 http://www.oliverkarow.de/research/SonicWall.txt http://www.osvdb.org/15261 http://www.osvdb.org/15262 http://www.securityfocus.com/bid/12984 https://exchange.xforce.ibmcloud.com/vulnerabilities/19958 https://exchange.xforce.ibmcloud.com/vulnerabilities/19960 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2001-1104 – Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
https://notcve.org/view.php?id=CVE-2001-1104
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. • https://www.exploit-db.com/exploits/19522 http://www.securityfocus.com/archive/1/199632 http://www.securityfocus.com/bid/3098 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2000-1097
https://notcve.org/view.php?id=CVE-2000-1097
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0406.html http://archives.neohapsis.com/archives/bugtraq/2000-11/0435.html http://www.osvdb.org/1667 http://www.securityfocus.com/bid/2013 https://exchange.xforce.ibmcloud.com/vulnerabilities/5596 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2000-1098
https://notcve.org/view.php?id=CVE-2000-1098
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0435.html http://archives.neohapsis.com/archives/bugtraq/2000-11/0439.html •