Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Back to KEV List

SonicWall Email Security Unrestricted Upload of File Vulnerability

Added Nov. 3, 2021 Due Nov. 17, 2021 CVE-2021-20022
Overdue SonicWall / SonicWall Email Security Known Ransomware Use CWE-434

Description

SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.

Required Action

Apply updates per vendor instructions.

References

Additional Information

Catalog Version
2025.01.24
Catalog Released
Jan. 24, 2025
Days Until Due
0 days
Last Updated
6 months, 4 weeks ago