CyberSec.Space Logo
Back to CVE Browser

CVE-2021-20022

Known Exploited (CISA KEV)HIGH
7.2
CVSS Severity Score
EPSS Score83.4980%
EPSS Percentile94.80th
PublishedApr 9, 2021
Last ModifiedNov 10, 2025

Vulnerability Description

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

Affected Platforms (CPE)

πŸ“¦
Sonicwall

Email Security

< 10.0.9.6103
πŸ’»
Sonicwall

Email Security Appliance 9000 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 3300 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 4300 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 8300 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 5000 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 7000 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 5050 Firmware

< 10.0.9.6105
πŸ’»
Sonicwall

Email Security Appliance 7050 Firmware

< 10.0.9.6105
πŸ“¦
Sonicwall

Email Security Virtual Appliance

< 10.0.9.6105
πŸ“¦
Sonicwall

Hosted Email Security

< 10.0.9.6103

References & Advisories

πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0008
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0008
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20022

Related Vulnerabilities

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2002-136110.0

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute a...

CVE-2018-165299.8

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after th...

CVE-2018-165309.8

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially...