SonicWall SonicOS vulnerabilities
80 known vulnerabilities affecting sonicwall/sonicos.
Total CVEs: 80
CISA KEV: 3 (actively exploited)
Public exploits: 6
Exploited in wild: 11
Severity breakdown: CRITICAL 14, HIGH 33, MEDIUM 33
Vulnerabilities
Page 2 of 4
CVE-2021-3449 | P3 | MEDIUM | CVSS 5.9 | CWE-476 | Versions: v7.0.1.0 | 2021-03-25
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a cr
nvd
CVE-2019-7475 | P3 | CRITICAL | CVSS 9.8 | CWE-284 | Versions: ≤ 5.9.1.10; v6.0.5.3-86o; +8 more | 2019-04-02
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8
nvd
CVE-2021-20048 | P3 | HIGH | CVSS 8.8 | CWE-121 | Versions: ≤ 7.0.1-r1456; ≤ 7.0.1-5023-1349; +13 more | 2022-01-10
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
nvd
CVE-2021-20046 | P3 | HIGH | CVSS 8.8 | CWE-121 | Versions: ≤ 7.0.1-r146; ≤ 7.0.1-5023-1349; +13 more | 2022-01-10
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
nvd
CVE-2023-41715 | P3 | HIGH | CVSS 8.8 | CWE-269 | Versions: fixed in 7.0.1-5145; fixed in 6.5.4.4-44v-21-2340; +5 more | 2023-10-17
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
nvd
CVE-2024-40765 | P3 | CRITICAL | CVSS 9.8 | CWE-190 | Versions: v6.5.4.4-44v-21-2395 and older versions; v7.0.1-5151 and older versions; +1 more | 2025-01-09
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
nvd
CVE-2019-12265 | P3 | MEDIUM | CVSS 5.3 | CWE-401 | Versions: ≥ 5.9.0.0, ≤ 5.9.0.7; ≥ 5.9.1.0., ≤ 5.9.1.12; +14 more | 2019-08-09
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
nvd
CVE-2024-12803 | P3 | HIGH | CVSS 7.2 | CWE-121 | Versions: v6.5.4.15-117n and older versions; v7.0.1-5161 and older version; +2 more | 2025-01-09
A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.
nvd
CVE-2023-1101 | P3 | HIGH | CVSS 8.8 | CWE-307 | Versions: fixed in 7.0.1-5111; ≤ 7.0.1-5083; +6 more | 2023-03-02
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
nvd
CVE-2024-53705 | P3 | HIGH | CVSS 7.5 | CWE-918 | Versions: v6.5.4.15-117n and older versions; v7.0.1-5161 and older versions; +3 more | 2025-01-09
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall.
nvd
CVE-2019-12259 | P3 | HIGH | CVSS 7.5 | CWE-476 | Versions: ≥ 5.9.0.0, ≤ 5.9.0.7; ≥ 5.9.1.0., ≤ 5.9.1.12; +14 more | 2019-08-09
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
nvd
CVE-2024-12805 | P3 | HIGH | CVSS 7.2 | CWE-134 | Versions: v6.5.4.15-117n and older versions; v7.0.1-5161 and older version; +2 more | 2025-01-09
A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.
nvd
CVE-2026-0204 | P3 | HIGH | CVSS 8.0 | CWE-306 | Versions: fixed in 6.5.5.2-28n; ≥ 7.0.0.0, ≤ 7.0.1-5169; +6 more | 2026-04-29
A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.
nvd
CVE-2020-5138 | P3 | HIGH | CVSS 7.5 | CWE-122 | Versions: ≤ 5.9.1.13; ≥ 6.0.0.0, ≤ 6.0.5.3; +10 more | 2020-10-12
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
nvd
CVE-2020-5137 | P3 | HIGH | CVSS 7.5 | CWE-120 | Versions: ≤ 5.9.1.13; ≥ 6.0.0.0, ≤ 6.0.5.3; +10 more | 2020-10-12
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
nvd
CVE-2020-5140 | P3 | HIGH | CVSS 7.5 | CWE-125 | Versions: ≤ 5.9.1.13; ≥ 6.0.0.0, ≤ 6.0.5.3; +10 more | 2020-10-12
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version Soni
nvd
CVE-2020-5139 | P3 | HIGH | CVSS 7.5 | CWE-763 | Versions: ≤ 5.9.1.13; ≥ 6.0.0.0, ≤ 6.0.5.3; +10 more | 2020-10-12
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
nvd
CVE-2020-5133 | P3 | HIGH | CVSS 7.5 | CWE-120 | Versions: ≥ 6.0.0.0, ≤ 6.0.5.3; ≥ 6.5.0.0, ≤ 6.5.1.11; +5 more | 2020-10-12
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
nvd
CVE-2024-53706 | P3 | HIGH | CVSS 7.8 | CWE-269 | Versions: v7.1.1-7058 and older versions; v7.1.2-7019 | 2025-01-09
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.
nvd
CVE-2019-7477 | P3 | HIGH | CVSS 7.5 | CWE-327 | Versions: ≤ 5.9.1.10; v6.0.5.3-86o; +8 more | 2019-04-02
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWA
nvd