Skip to main content

Sma100 Firmware

5 CVEs product

Monthly

CVE-2021-3450 Cargo HIGH PATCH This Week

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Authentication Bypass Freebsd Santricity Smi S Provider Firmware Storagegrid Firmware +29
NVD
CVSS 3.1
7.4
EPSS
18.3%
CVE-2021-3449 Cargo MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service Debian Linux Freebsd +103
NVD
CVSS 3.1
5.9
EPSS
62.9%
CVE-2021-20018 MEDIUM This Month

A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma100 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2021-20017 HIGH This Week

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Sonicwall Sma100 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-5132 MEDIUM This Month

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma100 Firmware Sonicos
NVD
CVSS 3.1
5.3
EPSS
0.9%
EPSS 18% CVSS 7.4
HIGH PATCH This Week

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Authentication Bypass Freebsd +31
NVD
EPSS 63% CVSS 5.9
MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service +105
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma100 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Sonicwall Sma100 Firmware
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sonicwall Information Disclosure Sma100 Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy