Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sma_210_firmware
(Sonicwall)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 24 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-04-13 | CVE-2022-22279 | A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions | Sma_210_firmware, Sma_410_firmware, Sma_500v_firmware, Sra_1200_firmware, Sra_4200_firmware | 4.9 | ||
| 2022-06-08 | CVE-2022-1703 | Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack. | Sma_210_firmware, Sma_410_firmware, Sma_500v_firmware | 8.8 | ||
| 2022-08-26 | CVE-2022-2915 | A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. | Sma_200_firmware, Sma_210_firmware, Sma_400_firmware, Sma_410_firmware, Sma_500v_firmware | 8.8 | ||
| 2023-12-05 | CVE-2023-5970 | Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass. | Sma_200_firmware, Sma_210_firmware, Sma_400_firmware, Sma_410_firmware, Sma_500v_firmware | 8.8 |