Sonicwall Sma 210 Firmware vulnerabilities
34 known vulnerabilities affecting sonicwall/sma_210_firmware.
Total CVEs
34
CISA KEV
5
actively exploited
Public exploits
5
Exploited in wild
11
Severity breakdown
CRITICAL8HIGH19MEDIUM7
Vulnerabilities
Page 1 of 2
CVE-2021-20038P1CRITICALCVSS 9.8KEVPoCRansomwarev10.2.0.8-37svv10.2.1.1-19sv+1 more2021-12-08
CVE-2021-20038 [CRITICAL] CWE-121 CVE-2021-20038: A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environme
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and ea
nvd
CVE-2024-38475P1CRITICALCVSS 9.1KEVPoCfixed in 10.2.1.14-75sv2024-07-01
CVE-2024-38475 [CRITICAL] CWE-116 CVE-2024-38475: Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attack
Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure.
Substitutions in server context that use a backrefe
nvd
CVE-2023-44221P1HIGHCVSS 7.2KEVPoC≤ 10.2.1.9-57sv2023-12-05
CVE-2023-44221 [HIGH] CWE-78 CVE-2023-44221: Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remo
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.
nvd
CVE-2021-20028P1CRITICALCVSS 9.8KEVRansomware≥ 8.0.0.0, < 9.0.0.10-28sv2021-08-04
CVE-2021-20028 [CRITICAL] CWE-89 CVE-2021-20028: Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-lif
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier
nvd
CVE-2021-20035P2MEDIUMCVSS 6.5KEVfixed in 9.0.0.11-31sv≥ 10.2.0.0, < 10.2.0.8-37sv+1 more2021-09-27
CVE-2021-20035 [MEDIUM] CWE-78 CVE-2021-20035: Improper neutralization of special elements in the SMA100 management interface allows a remote authe
Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.
nvd
CVE-2021-20039P1HIGHCVSS 8.8ExploitedPoCv9.0.0.11-31svv10.2.0.8-37sv+1 more2021-12-08
CVE-2021-20039 [HIGH] CWE-78 CVE-2021-20039: Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' P
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
nvd
CVE-2022-1703P1HIGHCVSS 8.8Exploited≤ 10.2.1.4-31sv≤ 10.2.0.9-41sv2022-06-08
CVE-2022-1703 [HIGH] CWE-78 CVE-2022-1703: Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interf
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service (DoS) attack.
nvd
CVE-2022-22279P1MEDIUMCVSS 4.9ExploitedRansomwarefixed in 9.0.0.10-28sv2022-04-13
CVE-2022-22279 [MEDIUM] CWE-23 CVE-2022-22279: A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (
A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.
nvd
CVE-2025-32819P2HIGHCVSS 8.8Exploitedfixed in 10.2.1.15-81sv2025-05-07
CVE-2025-32819 [HIGH] CWE-552 CVE-2025-32819: A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypa
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
nvd
CVE-2023-5970P2HIGHCVSS 8.8Exploited≤ 10.2.1.9-57sv2023-12-05
CVE-2023-5970 [HIGH] CWE-287 CVE-2023-5970: Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated at
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.
nvd
CVE-2021-20034P1CRITICALCVSS 9.1PoC≤ 9.0.0.10-28sv≥ 10.2.0.0, ≤ 10.2.0.7-34sv+1 more2021-09-27
CVE-2021-20034 [CRITICAL] CWE-284 CVE-2021-20034: An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypas
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
nvd
CVE-2022-2915P2HIGHCVSS 8.8Exploited≤ 10.2.1.5-34sv2022-08-26
CVE-2022-2915 [HIGH] CWE-122 CVE-2022-2915: A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authent
A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.
nvd
CVE-2021-20044P2HIGHCVSS 8.8v10.2.0.8-37svv10.2.1.1-19sv2021-12-08
CVE-2021-20044 [HIGH] CWE-78 CVE-2021-20044: A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote aut
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
nvd
CVE-2021-20045P2CRITICALCVSS 9.8v10.2.0.8-37svv10.2.1.1-19sv2021-12-08
CVE-2021-20045 [CRITICAL] CWE-120 CVE-2021-20045: A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remo
A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
nvd
CVE-2025-40596P2HIGHCVSS 7.3fixed in 10.2.2.1-90sv2025-07-23
CVE-2025-40596 [HIGH] CWE-121 CVE-2025-40596: A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauth
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
nvd
CVE-2025-40599P2CRITICALCVSS 9.1fixed in 10.2.2.1-90sv2025-07-23
CVE-2025-40599 [CRITICAL] CWE-434 CVE-2025-40599: An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management int
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
nvd
CVE-2021-20043P2HIGHCVSS 8.8v10.2.0.8-37svv10.2.1.1-19sv2021-12-08
CVE-2021-20043 [HIGH] CWE-122 CVE-2021-20043: A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote a
A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
nvd
CVE-2025-40597P2HIGHCVSS 7.5fixed in 10.2.2.1-90sv2025-07-23
CVE-2025-40597 [HIGH] CWE-122 CVE-2025-40597: A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthe
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
nvd
CVE-2021-20040P2HIGHCVSS 7.5v10.2.0.8-37svv10.2.1.1-19sv2021-12-08
CVE-2021-20040 [HIGH] CWE-23 CVE-2021-20040: A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated
A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
nvd
CVE-2022-22273P2CRITICALCVSS 9.8≤ 9.0.0.9-26sv2022-03-17
CVE-2022-22273 [CRITICAL] CWE-78 CVE-2022-22273: Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting
Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series
nvd
1 / 2Next →