Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.
AnalysisAI
Database corruption in SonicWall Email Security appliance via improper input sanitization allows authenticated admin users to corrupt the application database by submitting crafted input. The vulnerability requires valid administrative credentials and affects all versions of SonicWall Email Security as indicated by the CPE wildcard matching. No CVSS scoring, public exploit code, or CISA KEV status is available at this time, limiting precise risk quantification.
Technical ContextAI
The vulnerability stems from CWE-20 (Improper Input Validation), a fundamental class of flaws where user-supplied input is not properly validated or sanitized before being processed by the application. In the SonicWall Email Security appliance, this weakness is exploited through the administrative interface where crafted input parameters are accepted and used to interact with the application database without adequate filtering or escaping. The issue does not involve authentication bypass-it requires existing admin credentials-but rather represents a post-authentication abuse of the input handling mechanism that can result in data integrity compromise of the email security database.
RemediationAI
Contact SonicWall PSIRT or refer to the official advisory at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002 for specific patch availability and version guidance, as no fixed version number is currently provided in available sources. As an immediate workaround, restrict and audit administrative access to the Email Security appliance, limiting the number of accounts with admin privileges and implementing robust logging of admin actions that modify input parameters affecting the database. Organizations should monitor SonicWall's security advisories for patch release announcements and apply updates as soon as they become available.
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerabili
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabi
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authenticatio
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerabili
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GM
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote at
Same weakness CWE-20 – Improper Input Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17644