Sonicwall Sonicos vulnerabilities

CVE-2024-29013 [MEDIUM] CWE-122 CVE-2024-29013: Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attac Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.

CVE-2024-22397 [HIGH] CWE-79 CVE-2024-22397: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.

CVE-2024-22396 [MEDIUM] CWE-190 CVE-2024-22396: An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.

CVE-2024-22394 [CRITICAL] CWE-287 CVE-2024-22394: An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, w An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040.

CVE-2023-41715 [HIGH] CWE-269 CVE-2023-41715: SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunne SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.

CVE-2023-41713 [HIGH] CWE-259 CVE-2023-41713: SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.

CVE-2023-39276 [MEDIUM] CWE-121 CVE-2023-39276: SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json U SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.

CVE-2023-39279 [MEDIUM] CWE-121 CVE-2023-39279: SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.jso SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.

CVE-2023-39280 [MEDIUM] CWE-121 CVE-2023-39280: SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoSt SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.

CVE-2023-41712 [MEDIUM] CWE-121 CVE-2023-41712: SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.

CVE-2023-39277 [MEDIUM] CWE-121 CVE-2023-39277: SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appf SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

CVE-2023-39278 [MEDIUM] CWE-121 CVE-2023-39278: SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerabilit SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.

CVE-2023-41711 [MEDIUM] CWE-121 CVE-2023-41711: SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.ex SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.

CVE-2023-1101 [HIGH] CWE-307 CVE-2023-1101: SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

CVE-2023-0656 [HIGH] CWE-121 CVE-2023-0656: A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.

CVE-2022-22275 [HIGH] CWE-400 CVE-2022-22275: Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassin Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

CVE-2022-22278 [HIGH] CWE-770 CVE-2022-22278: A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP respon A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack

CVE-2022-22276 [MEDIUM] CWE-200 CVE-2022-22276: A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthoriz A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.

CVE-2022-22277 [MEDIUM] CWE-200 CVE-2022-22277: A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive inform A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.

CVE-2022-22274 [CRITICAL] CWE-121 CVE-2022-22274: A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthen A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.