CVSS: 8.8EPSS: 0%CPEs: 71EXPL: 0CVE-2023-1101
https://notcve.org/view.php?id=CVE-2023-1101
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0655
https://notcve.org/view.php?id=CVE-2023-0655
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0002 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 21%CPEs: 2EXPL: 0CVE-2023-0126
https://notcve.org/view.php?id=CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory. Vulnerabilidad de path traversal de autenticación previa en la versión 12.4.2 del firmware SMA1000, que permite a un atacante no autenticado acceder a archivos y directorios arbitrarios almacenados fuera del directorio raíz web. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0001 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20030
https://notcve.org/view.php?id=CVE-2021-20030
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files. SonicWall GMS es vulnerable a la manipulación de rutas de archivos, lo que hace que un atacante no autenticado pueda acceder al directorio web que contiene los archivos binarios y de configuración de la aplicación • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-2915
https://notcve.org/view.php?id=CVE-2022-2915
A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. Una vulnerabilidad de desbordamiento de búfer en la región Heap de la memoria en el dispositivo SonicWall SMA100 permite a un atacante remoto autenticado causar una Denegación de Servicio (DoS) en el dispositivo o conllevar potencialmente a una ejecución de código. Esta vulnerabilidad afecta a versiones 10.2.1.5-34sv y anteriores. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0019 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •