Skip to main content

Sonicos EUVDEUVD-2026-26255

| CVE-2026-0205 MEDIUM
Path Traversal: '.../...//' (CWE-35)
2026-04-29 sonicwall
6.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
High

Lifecycle Timeline

3
CVSS changed
Apr 29, 2026 - 17:22 NVD
6.8 (MEDIUM)
EUVD ID Assigned
Apr 29, 2026 - 17:00 euvd
EUVD-2026-26255
CVE Published
Apr 29, 2026 - 16:18 nvd
MEDIUM 6.8

DescriptionCVE.org

A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.

Analysis

A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.

CVE-2024-53704 CRITICAL POC
9.8 Jan 09

SonicWall SonicOS SSLVPN contains an authentication bypass vulnerability allowing remote attackers to bypass authenticat

CVE-2024-3596 CRITICAL
9.0 Jul 09

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (

CVE-2019-12255 CRITICAL POC
9.8 Aug 09

Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). Rated critical severity (CVSS 9.8), this v

CVE-2019-12258 HIGH POC
7.5 Aug 09

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. Rated high severity (CVSS 7.5), this vulne

CVE-2021-20031 MEDIUM POC
6.1 Oct 12

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management

CVE-2024-40766 CRITICAL
9.8 Aug 23

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially lea

CVE-2024-22394 CRITICAL
9.8 Feb 08

An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific con

CVE-2022-22274 CRITICAL POC
9.8 Mar 25

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to

CVE-2020-5135 CRITICAL
9.8 Oct 12

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially exe

CVE-2019-12261 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). Rated critical seve

CVE-2019-12260 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). Rated critical severity (CVSS

CVE-2019-12256 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. Rated critical severity (CVSS 9.8), this vul

Share

EUVD-2026-26255 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy