SonicWall Sma 100 Firmware 10.2.0.2-20sv

CPE Details

SonicWall Sma 100 Firmware 10.2.0.2-20sv
sonicwall
sma_100_firmware
10.2.0.2-20sv
2021-01-14
19h20 +00:00
2021-01-14
19h20 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:sonicwall:sma_100_firmware:10.2.0.2-20sv:*:*:*:*:*:*:*

Informations

Vendor

sonicwall

Product

sma_100_firmware

Version

10.2.0.2-20sv

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2025-32821 2025-05-07 17h22 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
7.2
Haute
CVE-2025-32820 2025-05-07 17h20 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
8.8
Haute
CVE-2025-32819 2025-05-07 17h18 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
8.8
Haute
CVE-2021-20016 2021-02-03 20h35 +00:00 A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.
9.8
Critique
CVE-2020-5146 2021-01-08 23h15 +00:00 A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. This vulnerability affected SMA100 Appliance version 10.2.0.2-20sv and earlier.
7.2
Haute
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.