CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12802
https://notcve.org/view.php?id=CVE-2024-12802
09 Jan 2025 — SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12806
https://notcve.org/view.php?id=CVE-2024-12806
09 Jan 2025 — A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-37: Path Traversal: '/absolute/pathname/here' •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12805
https://notcve.org/view.php?id=CVE-2024-12805
09 Jan 2025 — A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12803
https://notcve.org/view.php?id=CVE-2024-12803
09 Jan 2025 — A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40765
https://notcve.org/view.php?id=CVE-2024-40765
09 Jan 2025 — An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0013 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40762 – SonicWALL NSv Cryptographically Weak PRNG Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-40762
09 Jan 2025 — Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass. This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL NSv. Authentication is not required to exploit this vulnerability. The specific flaw exists within the generation of cookies. The issue results from the use of a cryptographically ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 10.0EPSS: 91%CPEs: 1EXPL: 1CVE-2024-53704 – SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2024-53704
09 Jan 2025 — An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL NSv. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Base64-encoded session cookies. The issue results from an incorrect implementation of an authentication algorithm. An attacker can leverage this vulnerabilit... • https://github.com/istagmbh/CVE-2024-53704 • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53705 – SonicWALL NSv SSH Management Server-Side Request Forgery Vulnerability
https://notcve.org/view.php?id=CVE-2024-53705
09 Jan 2025 — A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall. This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of SonicWALL NSv. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SSH Manageme... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53706 – SonicWALL NSv setSshdConfig Exposed Dangerous Function Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-53706
09 Jan 2025 — A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution. This vulnerability allows local attackers to escalate privileges on affected installations of SonicWALL NSv. An attacker must first obtain the ability to execute low-privileged code on the target system or send a TCP packet to a local service in order to exploit this vulnerability. The specific flaw exists within the setSs... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 75%CPEs: 1EXPL: 0CVE-2024-40766 – SonicWall SonicOS Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2024-40766
23 Aug 2024 — An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 • CWE-284: Improper Access Control •