Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack.
2022-06-08T09:15:08.417
2024-11-21T06:41:17.060
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.0
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | sonicwall | sma_210_firmware | ≤ 10.2.1.4-31sv | Yes |
| Hardware | sonicwall | sma_210 | - | No |
| Operating System | sonicwall | sma_410_firmware | ≤ 10.2.1.4-31sv | Yes |
| Hardware | sonicwall | sma_410 | - | No |
| Operating System | sonicwall | sma_500v_firmware | ≤ 10.2.1.4-31sv | Yes |
| Hardware | sonicwall | sma_500v | - | No |
| Operating System | sonicwall | sma_210_firmware | ≤ 10.2.0.9-41sv | Yes |
| Hardware | sonicwall | sma_210 | - | No |
| Operating System | sonicwall | sma_410_firmware | ≤ 10.2.0.9-41sv | Yes |
| Hardware | sonicwall | sma_410 | - | No |
| Operating System | sonicwall | sma_500v_firmware | ≤ 10.2.0.9-41sv | Yes |
| Hardware | sonicwall | sma_500v | - | No |