CVSS: 10.0EPSS: 89%CPEs: 12EXPL: 6CVE-2013-1359 – SonicWALL Gms 6 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2013-1359
11 Feb 2020 — An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account. Se presenta una Vulnerabilidad de Omisión de Autenticación en DELL SonicWALL Analyzer versión 7.0, Global Management System (GMS) versio... • https://www.exploit-db.com/exploits/24322 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 57%CPEs: 12EXPL: 2CVE-2013-1360 – SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass
https://notcve.org/view.php?id=CVE-2013-1360
11 Feb 2020 — An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. Se presenta una vulnerabilidad de Omisión de Autenticación en DELL SonicWALL Global Management System (GMS) versiones 4.1, 5.0, 5.1, 6.0 y 7.0, Analyzer versión 7.0, Univer... • https://www.exploit-db.com/exploits/24203 • CWE-287: Improper Authentication •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 1CVE-2018-5691
https://notcve.org/view.php?id=CVE-2018-5691
14 Jan 2018 — SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module. SonicWall Global Management System (GMS) 8.1 tiene XSS mediante los valores "newName" y "Name" del módulo "/sgms/TreeControl". • http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 0%CPEs: 4EXPL: 0CVE-2015-3990 – Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-3990
15 May 2015 — The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration. La aplicación web GMS ViewPoint (GMSVP) en Dell Sonicwall GMS, Analyzer, y UMA EM5000 anterior a 7.2 SP4 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de vectores relacionados con la configuración. This vulnerability allows remote attackers to execute arbitrary code on vu... • http://www.securityfocus.com/bid/74756 • CWE-19: Data Processing Errors •
CVSS: 6.1EPSS: 1%CPEs: 3EXPL: 3CVE-2014-5024
https://notcve.org/view.php?id=CVE-2014-5024
24 Jul 2014 — Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter. Vulnerabilidad de XSS en sgms/panelManager en Dell SonicWALL GMS, Analyzer y UMA anterior a 7.2 SP1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrario a través del parámetro node_id. • http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 10EXPL: 1CVE-2014-0332 – DELL SonicWALL Universal Management Suite 7.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-0332
12 Feb 2014 — Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action. Vulnerabilidad de XSS en mainPage en Dell SonicWALL GMS anterior a 7.1 SP2, SonicWALL Analyzer anterior a 7.1 SP2 y SonicWALL UMA E5000 anterior a 7.1 SP2 podría permitir a atacantes remotos inyectar script W... • https://packetstorm.news/files/id/125180 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 10EXPL: 5CVE-2013-7025 – SonicWALL Gms 7.x - Filter Bypass / Persistent
https://notcve.org/view.php?id=CVE-2013-7025
09 Dec 2013 — Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp. Múltiples vulnerabilidades XSS en ematStaticAlertTypes.jsp en la sección de ajustes de alertas en Dell SonicWALL Global Management System (GMS), Analyz... • https://www.exploit-db.com/exploits/30054 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •