CPE Details
SonicWall Sma 400 Firmware 10.2.0.7-34sv
10.2.0.7-34sv
2021-10-05
14h04 +00:00
14h04 +00:00
2021-10-05
14h55 +00:00
14h55 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:o:sonicwall:sma_400_firmware:10.2.0.7-34sv:*:*:*:*:*:*:*
Informations
Vendor
sonicwallProduct
sma_400_firmwareVersion
10.2.0.7-34svRelated CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application. | 6.3 |
Moyen |
||
| Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass. | 8.8 |
Haute |
||
| Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability. | 7.2 |
Haute |
||
| A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. | 8.8 |
Haute |
||
| Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS. | 6.5 |
Moyen |
||
| An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. | 9.1 |
Critique |
2025©
tesweb SA
