CVE-2026-0399

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-0399
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.

4.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:*
History

26 Feb 2026, 20:00

Type Values Removed Values Added
First Time Sonicwall tz470
Sonicwall nsa 5700
Sonicwall nsa 5800
Sonicwall nsa 3700
Sonicwall tz580
Sonicwall tz380
Sonicwall nsa 4800
Sonicwall nssp 11700
Sonicwall tz480
Sonicwall tz680
Sonicwall nsa 6700
Sonicwall nsv270
Sonicwall tz370
Sonicwall nsa 2700
Sonicwall tz670
Sonicwall nssp 13700
Sonicwall nsv870
Sonicwall tz270w
Sonicwall tz570w
Sonicwall tz370w
Sonicwall nssp 15700
Sonicwall nsv470
Sonicwall nsa 2800
Sonicwall tz570
Sonicwall tz80
Sonicwall
Sonicwall nssp 10700
Sonicwall nsa 3800
Sonicwall tz570p
Sonicwall tz470w
Sonicwall sonicos
Sonicwall nsa 4700
Sonicwall tz270
Sonicwall tz280
References () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001 - () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001 - Vendor Advisory
CPE cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*

24 Feb 2026, 16:24

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.9

24 Feb 2026, 15:21

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-24 15:21

Updated : 2026-02-26 20:00

NVD link : CVE-2026-0399

Mitre link : CVE-2026-0399

CVE.ORG link : CVE-2026-0399

JSON object : View

Products Affected

sonicwall

  • nssp_11700
  • tz570
  • tz370
  • tz480
  • tz370w
  • tz580
  • tz470
  • tz270w
  • nssp_10700
  • tz270
  • nsv470
  • tz570p
  • nsa_2800
  • nsa_3700
  • nsa_5800
  • tz470w
  • nsa_3800
  • nsa_4700
  • tz80
  • nsv270
  • tz680
  • nsa_2700
  • tz280
  • nsa_5700
  • tz670
  • tz570w
  • sonicos
  • nsv870
  • nssp_13700
  • nsa_6700
  • tz380
  • nssp_15700
  • nsa_4800
CWE
CWE-121

Stack-based Buffer Overflow