Lucene search
SonicwallCVELIST:CVE-2021-20038HistoryDec 08, 2021 - 9:55 a.m.
CVE-2021-20038
2021-12-0809:55:20
CWE-121
sonicwall
www.cve.org
9
cve-2021-20038
mod_cgi module
remote unauthenticated attacker
execute code
'nobody' user
sma 200
sma 210
sma 400
sma 410
sma 500v
firmware 10.2.0.8-37sv
firmware 10.2.1.1-19sv
firmware 10.2.1.2-24sv
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd serverβs mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a βnobodyβ user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
CNA Affected
[
{
"product": "SonicWall SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.0.8-37sv and earlier"
},
{
"status": "affected",
"version": "10.2.1.1-19sv and earlier"
},
{
"status": "affected",
"version": "10.2.1.2-24sv and earlier"
}
]
}
]Related
prion
prion
Stack overflow
2021-12-08 10:15:00
nuclei
nuclei
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
2022-01-18 05:20:14
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Sonicwall Sma 200 Firmware
2022-04-24 02:02:54
Exploit for Stack-based Buffer Overflow in Sonicwall Sma 200 Firmware
2022-08-08 03:38:06
Exploit for Stack-based Buffer Overflow in Sonicwall Sma 200 Firmware
2022-08-08 03:38:06
nvd
nvd
CVE-2021-20038
2021-12-08 10:15:07
checkpoint_advisories
checkpoint_advisories
SonicWall SMA100 Buffer Overflow (CVE-2021-20038)
2022-02-06 00:00:00
cisa_kev
cisa_kev
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
2022-01-28 00:00:00
cve
cve
CVE-2021-20038
2021-12-08 10:15:07
attackerkb
attackerkb
CVE-2021-20038
2022-01-11 00:00:00
zdt
zdt
SonicWall SMA 100 Series Authenticated Command Injection Exploit
2022-01-13 00:00:00
packetstorm
packetstorm
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-13 00:00:00
metasploit
metasploit
SonicWall SMA 100 Series Authenticated Command Injection
2022-01-10 20:43:50
thn
thn
SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
2021-12-09 05:18:00
ics
ics
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
2023-02-09 12:00:00
2021 Top Routinely Exploited Vulnerabilities
2022-04-28 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
threatpost
threatpost
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
2021-12-08 19:16:54
Critical SonicWall NAC Vulnerability Stems from Apache Mods
2022-01-11 14:09:21
rapid7blog
rapid7blog
CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
2022-01-11 14:00:00
SonicWall Recommends Urgent Patching for GMS and Analytics CVEs
2023-07-13 14:56:13
Metasploit Weekly Wrap-Up
2022-01-14 19:00:29
cisa
cisa
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
2022-01-28 00:00:00
nessus
nessus
SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)
2021-12-09 00:00:00