CyberSec.Space Logo
Back to CVE Browser

CVE-2021-20016

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score81.4100%
EPSS Percentile93.33th
PublishedFeb 4, 2021
Last ModifiedOct 31, 2025

Vulnerability Description

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

Affected Platforms (CPE)

πŸ’»
Sonicwall

Sma 100 Firmware

>= 10.0.0.0 and < 10.2.0.5-d-29sv
πŸ’»
Sonicwall

Sma 200 Firmware

All versions
πŸ’»
Sonicwall

Sma 210 Firmware

All versions
πŸ’»
Sonicwall

Sma 400 Firmware

All versions
πŸ’»
Sonicwall

Sma 410 Firmware

All versions
πŸ“¦
Sonicwall

Sma 500v

All versions

References & Advisories

πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0001
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0001
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20016

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...