CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23007
https://notcve.org/view.php?id=CVE-2025-23007
30 Jan 2025 — A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0005 • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 70%CPEs: 9EXPL: 0CVE-2025-23006 – SonicWall SMA1000 Appliances Deserialization Vulnerability
https://notcve.org/view.php?id=CVE-2025-23006
23 Jan 2025 — Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands. Se ha identificado una vulnerabilidad de deserialización de datos no confiables antes de la autenticación en SMA1000 Appliance Management Console (AMC) y Central Management Console (CMC), que en condiciones específi... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12802
https://notcve.org/view.php?id=CVE-2024-12802
09 Jan 2025 — SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12806
https://notcve.org/view.php?id=CVE-2024-12806
09 Jan 2025 — A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-37: Path Traversal: '/absolute/pathname/here' •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12805
https://notcve.org/view.php?id=CVE-2024-12805
09 Jan 2025 — A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12803
https://notcve.org/view.php?id=CVE-2024-12803
09 Jan 2025 — A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40765
https://notcve.org/view.php?id=CVE-2024-40765
09 Jan 2025 — An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0013 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40762 – SonicWALL NSv Cryptographically Weak PRNG Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-40762
09 Jan 2025 — Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass. This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL NSv. Authentication is not required to exploit this vulnerability. The specific flaw exists within the generation of cookies. The issue results from the use of a cryptographically ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 10.0EPSS: 91%CPEs: 1EXPL: 1CVE-2024-53704 – SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2024-53704
09 Jan 2025 — An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL NSv. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Base64-encoded session cookies. The issue results from an incorrect implementation of an authentication algorithm. An attacker can leverage this vulnerabilit... • https://github.com/istagmbh/CVE-2024-53704 • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53705 – SonicWALL NSv SSH Management Server-Side Request Forgery Vulnerability
https://notcve.org/view.php?id=CVE-2024-53705
09 Jan 2025 — A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall. This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of SonicWALL NSv. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SSH Manageme... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 • CWE-918: Server-Side Request Forgery (SSRF) •