Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

sonicwall

34 Products 151 CVEs

CVE Severity Distribution (All Time)

Critical
5
High
16
Medium
8
Low
0

Timeline Overview

Last 30 Days 0 CVEs
Last 6 Months 0 CVEs
Last Year 14 CVEs

Products

View all

sonicos

103 Versions 56 CVEs

SMA100

14 Versions 22 CVEs

GMS

8 Versions 18 CVEs

Analytics

1 Version 15 CVEs

SonicWall SMA100

5 Versions 11 CVEs

Recent CVEs

View all
CVE-2024-12802 CRITICAL 10 months, 2 weeks ago

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Accou…

CVE-2024-12806 MEDIUM 10 months, 2 weeks ago

A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.

CVE-2024-12805 HIGH 10 months, 2 weeks ago

A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code ex…

CVE-2024-12803 HIGH 10 months, 2 weeks ago

A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially le…

CVE-2024-40765 CRITICAL 10 months, 2 weeks ago

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (D…

CVE-2024-53706 HIGH 10 months, 2 weeks ago

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` a…

CVE-2024-53705 HIGH 10 months, 2 weeks ago

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP a…

CVE-2024-53704 HIGH 10 months, 2 weeks ago

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.

CVE-2024-40762 CRITICAL 10 months, 2 weeks ago

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can …

CVE-2024-53703 HIGH 11 months, 2 weeks ago

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows…

Related Security News

Akira Ransomware bypasses MFA on SonicWall VPNs
2025-09-29 10:52 Securityaffairs.com

Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using creden…

CVE-2024-40766
Akira ransomware exploiting critical SonicWall SSLVPN bug again
2025-09-11 16:32 BleepingComputer

The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. [...]

CVE-2024-40766
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
2025-09-11 14:51 Help Net Security

Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September…

CVE-2024-40766
Kritieke kwetsbaarheid in SonicWall SLL VPN's actief uitgebuit
2025-09-11 10:38 Security.nl

Een kritieke kwetsbaarheid in SonicWall SSL VPN's (CVE-2024-40766) wordt actief misbruikt door de Akira-ransomware voor het ...

CVE-2024-40766
Web Scanning SonicWall for CVE-2021-20016 - Update, (Wed, May 14th)
2025-05-15 01:23 Sans.edu

I published on the 29 Apr 2025 a diary [1] on scanning activity looking for SonicWall and since this publication this activity has grown 10-fold. Over the past 14 days, several BACS students have rep…

CVE-2021-20016