CVE-2021-20042 — Confused Deputy in SMA 500v Firmware

CWE-441 — Confused Deputy CWE-610 — Externally Controlled Reference to a Resource in Another Sphere4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

0.9%

top 24.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sonicwall Sma100 Sonicwall SMA 200 Firmware Sonicwall SMA 210 Firmware +3 more

Timeline

PublishedDec 8

Latest updateApr 14

Description

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

▶NVDsonicwall/sma_500v_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv+2

▶CVEListV5sonicwall/sonicwall_sma1004 versions+3

▶NVDsonicwall/sma_200_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv+2

▶NVDsonicwall/sma_210_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv+2

▶NVDsonicwall/sma_400_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv+2

🔴Vulnerability Details

GHSA

GHSA-7jhp-ff4f-8fx7: An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules↗2021-12-09

▶

CVEList

CVE-2021-20042: An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules↗2021-12-08

▶

🔍Detection Rules

Suricata

ET WEB_SERVER SonicWall SMA Unauthenticated sonicfiles Confused Deputy (CVE-2021-20042)↗2025-04-14

▶