CyberSec.Space Logo
Back to CVE Browser

CVE-2021-20046

HIGH
8.8
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile19.99th
PublishedJan 10, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

Affected Platforms (CPE)

πŸ’»
Sonicwall

Sonicos

<= 7.0.1-r146
πŸ’»
Sonicwall

Sonicos

<= 7.0.1-5023-1349
πŸ’»
Sonicwall

Sonicos

<= 7.0.1-5018-r1715
πŸ’»
Sonicwall

Sonicos

<= 6.5.4.8-89n
πŸ’»
Sonicwall

Sonicos

<= 6.5.1.13-1n
πŸ’»
Sonicwall

Sonicos

<= 6.0.5.3-94o
πŸ’»
Sonicwall

Sonicos

>= 5.0.0.0 and <= 5.9.1.13

References & Advisories

πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027

Related Vulnerabilities

CVE-2020-51359.8

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbit...

CVE-2019-74759.8

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...