Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3439 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall. | |||||
| CVE-2026-0402 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. | |||||
| CVE-2026-0401 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. | |||||
| CVE-2026-0400 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall. | |||||
| CVE-2026-0399 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint. | |||||
| CVE-2026-0206 | 1 Sonicwall | 64 Nsa 2650, Nsa 2700, Nsa 2800 and 61 more | 2026-06-17 | N/A | 4.9 MEDIUM |
| A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. | |||||
| CVE-2026-0205 | 1 Sonicwall | 64 Nsa 2650, Nsa 2700, Nsa 2800 and 61 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. | |||||
| CVE-2026-0204 | 1 Sonicwall | 64 Nsa 2650, Nsa 2700, Nsa 2800 and 61 more | 2026-06-17 | N/A | 8.0 HIGH |
| A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions. | |||||
| CVE-2025-40601 | 1 Sonicwall | 33 Nsa 2700, Nsa 2800, Nsa 3700 and 30 more | 2026-06-17 | N/A | 7.5 HIGH |
| A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. | |||||
| CVE-2025-40600 | 1 Sonicwall | 23 Nsa 2700, Nsa 3700, Nsa 4700 and 20 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. | |||||
| CVE-2024-53704 | 1 Sonicwall | 24 Nsa 2700, Nsa 3700, Nsa 4700 and 21 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | |||||
| CVE-2024-40766 | 1 Sonicwall | 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | |||||
| CVE-2024-40764 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2026-06-17 | N/A | 7.5 HIGH |
| Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS). | |||||
| CVE-2024-29013 | 1 Sonicwall | 22 Nsa 2700, Nsa 3700, Nsa 4700 and 19 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function. | |||||
| CVE-2024-29012 | 1 Sonicwall | 22 Nsa 2700, Nsa 3700, Nsa 4700 and 19 more | 2026-06-17 | N/A | 7.5 HIGH |
| Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function. | |||||
| CVE-2024-22394 | 1 Sonicwall | 22 Nsa 2700, Nsa 3700, Nsa 4700 and 19 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040. | |||||
| CVE-2023-41715 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2026-06-17 | N/A | 8.8 HIGH |
| SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel. | |||||
| CVE-2023-41713 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2026-06-17 | N/A | 7.5 HIGH |
| SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. | |||||
| CVE-2023-41712 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | |||||
| CVE-2023-41711 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | |||||
