Skip to main content

Sma 7210 Firmware

4 CVEs product

Monthly

CVE-2024-6387 HIGH POC PATCH THREAT Act Now

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to exploit a signal handler race condition by failing to authenticate within the LoginGraceTime window, potentially yielding root-level code execution on glibc-based Linux systems. The flaw - widely known as 'regreSSHion' - affects numerous distributions and vendor appliances including Ubuntu 23.10/24.04, AlmaLinux 9, SonicWall SMA firmware, Arista EOS, NetApp ONTAP, and others. Publicly available exploit code exists and EPSS scores it at 48.06% (98th percentile), reflecting very high exploitation likelihood, though it is not currently listed in CISA KEV.

Information Disclosure SSH Sma 6200 Firmware Sma 7200 Firmware Eos +51
NVD GitHub Exploit-DB
CVSS 3.1
8.1
EPSS
48.1%
Threat
4.6
CVE-2022-22282 CRITICAL Act Now

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sonicwall Sma 6200 Firmware Sma 6210 Firmware Sma 7200 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
7.4%
CVE-2022-1702 MEDIUM This Month

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Sonicwall Sma 6200 Firmware Sma 6210 Firmware Sma 7200 Firmware +2
NVD
CVSS 3.1
6.1
EPSS
8.6%
CVE-2022-1701 HIGH This Week

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma 6200 Firmware Sma 6210 Firmware Sma 7200 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
4.5%
EPSS 48% 4.6 CVSS 8.1
HIGH POC PATCH THREAT Act Now

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to exploit a signal handler race condition by failing to authenticate within the LoginGraceTime window, potentially yielding root-level code execution on glibc-based Linux systems. The flaw - widely known as 'regreSSHion' - affects numerous distributions and vendor appliances including Ubuntu 23.10/24.04, AlmaLinux 9, SonicWall SMA firmware, Arista EOS, NetApp ONTAP, and others. Publicly available exploit code exists and EPSS scores it at 48.06% (98th percentile), reflecting very high exploitation likelihood, though it is not currently listed in CISA KEV.

Information Disclosure SSH Sma 6200 Firmware +53
NVD GitHub Exploit-DB
EPSS 7% CVSS 9.8
CRITICAL Act Now

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sonicwall Sma 6200 Firmware +4
NVD
EPSS 9% CVSS 6.1
MEDIUM This Month

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Sonicwall Sma 6200 Firmware +4
NVD
EPSS 5% CVSS 7.5
HIGH This Week

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma 6200 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy