cbcvebase.
CVE-2007-5814
published 2007-11-05

CVE-2007-5814: Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers…

PriorityP337critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
5.72%
92.1th percentile
Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7) dnsSuffix Unicode property value. NOTE: the AddRouteEntry vector is covered by CVE-2007-5603.

Affected

3 ranges
VendorProductVersion rangeFixed in
sonicwallnetextender
sonicwallssl_vpn<= 2.1
sonicwallssl_vpn<= 2.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.