Sonicwall

Netextender

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2025-23010

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 10.04.2025 19:16:00
  • Zuletzt bearbeitet 17.04.2025 16:15:30

An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths.

7.2

CVE-2025-23009

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 10.04.2025 18:55:52
  • Zuletzt bearbeitet 17.04.2025 16:15:29

A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.

7.2

CVE-2025-23008

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 10.04.2025 18:55:06
  • Zuletzt bearbeitet 11.04.2025 15:39:52

An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.

5.5

CVE-2025-23007

  • EPSS 0.02%
  • Veröffentlicht 30.01.2025 10:15:09
  • Zuletzt bearbeitet 17.04.2025 16:15:29

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.

8.8

CVE-2024-29014

  • EPSS 1.01%
  • Veröffentlicht 18.07.2024 08:15:02
  • Zuletzt bearbeitet 21.11.2024 09:07:22

Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.

5.5

CVE-2023-6340

  • EPSS 0.07%
  • Veröffentlicht 18.01.2024 00:15:38
  • Zuletzt bearbeitet 11.06.2025 17:15:38

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow v...

7.3

CVE-2023-44220

  • EPSS 0.03%
  • Veröffentlicht 27.10.2023 08:15:31
  • Zuletzt bearbeitet 21.11.2024 08:25:28

SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in th...

7.8

CVE-2023-44217

  • EPSS 0.06%
  • Veröffentlicht 03.10.2023 08:15:36
  • Zuletzt bearbeitet 21.11.2024 08:25:27

A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.

7.8

CVE-2023-44218

  • EPSS 0.09%
  • Veröffentlicht 03.10.2023 08:15:36
  • Zuletzt bearbeitet 21.11.2024 08:25:27

A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.

7.8

CVE-2022-22281

  • EPSS 0.04%
  • Veröffentlicht 13.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:33

A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit) in 10.2.322 and earlier versions, allows an attacker to potentially execute arbitrary code in the host windows operating system.