Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisa_kevCISACISA-KEV-CVE-2021-20038
HistoryJan 28, 2022 - 12:00 a.m.

SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability

2022-01-2800:00:00
CISA
www.cisa.gov
6
sonicwall
sma 100
buffer overflow
vulnerability
code execution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.951

Percentile

99.4%

JSON

SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

Related

githubexploit 6
nuclei 1
nvd 1
prion 1
checkpoint_advisories 1
cvelist 1
cve 1
attackerkb 1
packetstorm 1
zdt 1
metasploit 1
thn 2
ics 4
threatpost 2
rapid7blog 4
cisa 1
nessus 1
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
Exploit for Stack-based Buffer Overflow in Sonicwall Sma 200 Firmware
2022-08-08 03:38:06
Exploit for Stack-based Buffer Overflow in Sonicwall Sma 200 Firmware
2022-08-08 03:38:06
nuclei
nuclei
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
2022-01-18 05:20:14
nvd
nvd
CVE-2021-20038
2021-12-08 10:15:07
prion
prion
Stack overflow
2021-12-08 10:15:00
checkpoint_advisories
checkpoint_advisories
SonicWall SMA100 Buffer Overflow (CVE-2021-20038)
2022-02-06 00:00:00
cvelist
cvelist
CVE-2021-20038
2021-12-08 09:55:20
cve
cve
CVE-2021-20038
2021-12-08 10:15:07
attackerkb
attackerkb
CVE-2021-20038
2022-01-11 00:00:00
packetstorm
packetstorm
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-13 00:00:00
zdt
zdt
SonicWall SMA 100 Series Authenticated Command Injection Exploit
2022-01-13 00:00:00
metasploit
metasploit
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-10 20:43:50
thn
thn
North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations
2023-02-10 11:52:00
SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
2021-12-09 05:18:00
ics
ics
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
2023-02-09 12:00:00
2021 Top Routinely Exploited Vulnerabilities
2022-04-28 12:00:00
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
2024-07-25 12:00:00
threatpost
threatpost
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
2021-12-08 19:16:54
Critical SonicWall NAC Vulnerability Stems from Apache Mods
2022-01-11 14:09:21
rapid7blog
rapid7blog
CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
2022-01-11 14:00:00
SonicWall Recommends Urgent Patching for GMS and Analytics CVEs
2023-07-13 14:56:13
Metasploit Weekly Wrap-Up
2022-01-14 19:00:29
cisa
cisa
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
2022-01-28 00:00:00
nessus
nessus
SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)
2021-12-09 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.951

Percentile

99.4%

JSON
Related for CISA-KEV-CVE-2021-20038
githubexploit6nuclei1nvd1prion1checkpoint_advisories1cvelist1cve1attackerkb1packetstorm1zdt1metasploit1thn2ics4threatpost2rapid7blog4cisa1nessus1