CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-20046

HIGH
8.8
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile19.99th
Published2022年1月10日
Last Modified2024年11月21日

Vulnerability Description

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

Affected Platforms (CPE)

💻
Sonicwall

Sonicos

<= 7.0.1-r146
💻
Sonicwall

Sonicos

<= 7.0.1-5023-1349
💻
Sonicwall

Sonicos

<= 7.0.1-5018-r1715
💻
Sonicwall

Sonicos

<= 6.5.4.8-89n
💻
Sonicwall

Sonicos

<= 6.5.1.13-1n
💻
Sonicwall

Sonicos

<= 6.0.5.3-94o
💻
Sonicwall

Sonicos

>= 5.0.0.0 and <= 5.9.1.13

References & Advisories

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027
🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027

相關漏洞威脅

CVE-2020-51359.8

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbit...

CVE-2019-74759.8

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...