Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.9-57sv:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-5970 |
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass. Published: December 05, 2023; 4:15:07 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-44221 |
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability. Published: December 05, 2023; 4:15:07 PM -0500 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |