9.8
CVE-2021-20045
- EPSS 3.74%
- Published 08.12.2021 10:15:08
- Last modified 21.11.2024 05:45:50
- Source PSIRT@sonicwall.com
- Teams watchlist Login
- Open Login
A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Data is provided by the National Vulnerability Database (NVD)
Sonicwall ≫ Sma 200 Firmware Version10.2.0.8-37sv
Sonicwall ≫ Sma 200 Firmware Version10.2.1.1-19sv
Sonicwall ≫ Sma 210 Firmware Version10.2.0.8-37sv
Sonicwall ≫ Sma 210 Firmware Version10.2.1.1-19sv
Sonicwall ≫ Sma 410 Firmware Version10.2.0.8-37sv
Sonicwall ≫ Sma 410 Firmware Version10.2.1.1-19sv
Sonicwall ≫ Sma 400 Firmware Version10.2.0.8-37sv
Sonicwall ≫ Sma 400 Firmware Version10.2.1.1-19sv
Sonicwall ≫ Sma 500v Firmware Version10.2.0.8-37sv
Sonicwall ≫ Sma 500v Firmware Version10.2.1.1-19sv
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.74% | 0.876 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.