Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up

sonicwall

34 Products 151 CVEs

CVE Severity Distribution (Last 90 Days)

Critical
0
High
0
Medium
0
Low
0

Timeline Overview

Last 30 Days 0 CVEs
Last 90 Days 0 CVEs
This Year 9 CVEs

Products

View all

sonicos

103 Versions 56 CVEs

SMA100

14 Versions 22 CVEs

GMS

8 Versions 18 CVEs

Analytics

1 Version 15 CVEs

SonicWall SMA100

5 Versions 11 CVEs

Recent CVEs

View all
CVE-2024-12802 CRITICAL 4 months, 4 weeks ago

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Accou…

CVE-2024-12806 MEDIUM 4 months, 4 weeks ago

A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.

CVE-2024-12805 HIGH 4 months, 4 weeks ago

A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code ex…

CVE-2024-12803 HIGH 4 months, 4 weeks ago

A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially le…

CVE-2024-40765 CRITICAL 4 months, 4 weeks ago

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (D…

CVE-2024-53706 HIGH 4 months, 4 weeks ago

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` a…

CVE-2024-53705 HIGH 4 months, 4 weeks ago

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP a…

CVE-2024-53704 HIGH 4 months, 4 weeks ago

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.

CVE-2024-40762 CRITICAL 4 months, 4 weeks ago

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can …

Related Security News

Web Scanning SonicWall for CVE-2021-20016 - Update, (Wed, May 14th)
2025-05-15 01:23 Sans.edu

I published on the 29 Apr 2025 a diary [1] on scanning activity looking for SonicWall and since this publication this activity has grown 10-fold. Over the past 14 days, several BACS students have rep…

CVE-2021-20016
SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475
2025-05-05 00:28 SecurityOnline.info

A newly exploit chain targeting SonicWall’s Secure Mobile Access (SMA) appliances has been released. Published by watchTowr Labs, The post SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-20…

CVE-2024-38475 CVE-2023-44221
watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
2025-05-03 21:26 HackRead

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover…

CVE-2024-38475 CVE-2023-44221
Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
2025-05-02 13:16 Help Net Security

Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed by updating the associat…

CVE-2024-38475 CVE-2023-44221
SonicWall Products Multiple Vulnerabilities
2025-05-02 01:00 Hkcert.org

Multiple vulnerabilities were identified in SonicWall Products. A remote attacker could exploit these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted …

CVE-2023-44221