CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-5137
https://notcve.org/view.php?id=CVE-2020-5137
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad de desbordamiento del búfer en SonicOS, permite a un atacante remoto no autenticado causar una Denegación de Servicio (DoS) en el servicio SSLVPN del firewall y conlleva a un bloqueo del firewall. Esta vulnerabilidad afectó a SonicOS Gen 5 versiones 5.9.1.7, 5.9.1.13, Gen 6 versiones 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y Gen 7 versión 7.0.0.0 • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5134
https://notcve.org/view.php?id=CVE-2020-5134
A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad en SonicOS, permite a un atacante autenticado causar una referencia de archivos no válidos fuera del límite que causan un bloqueo del firewall. Esta vulnerabilidad afectó a SonicOS Gen 6 versiones 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y Gen 7 versión 7.0.0.0 • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2020-5135 – SonicWall SonicOS Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2020-5135
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad de desbordamiento del búfer en SonicOS, permite a un atacante remoto causar una Denegación de servicio (DoS) y ejecutar potencialmente código arbitrario mediante el envío de una petición maliciosa al firewall. Esta vulnerabilidad afectó a SonicOS Gen 6 versiones 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y Gen 7 versión 7.0.0.0 A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5133
https://notcve.org/view.php?id=CVE-2020-5133
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad en SonicOS, permite a un atacante remoto no autenticado causar una denegación de servicio debido a un desbordamiento del búfer, lo que conlleva a un bloqueo del firewall. Esta vulnerabilidad afectó a SonicOS Gen 6 versiones 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y Gen 7 versión 7.0.0.0 • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2015-3447
https://notcve.org/view.php?id=CVE-2015-3447
Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter. Múltiples vulnerabilidades de XSS en macIpSpoofView.html en Dell SonicWall SonicOS 7.5.0.12 y 6.x permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro (1) searchSpoof o (2) searchSpoofIpDet. • http://seclists.org/fulldisclosure/2015/Apr/97 http://www.securityfocus.com/archive/1/535393/100/0/threaded http://www.securityfocus.com/bid/74406 http://www.securitytracker.com/id/1032204 http://www.vulnerability-lab.com/get_content.php?id=1359 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •