SonicWall 漏洞與 CVE 列表(227)

產品(CPE): — CVE 數: 227

SonicWall 漏洞概覽

彙總 SonicWall 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

常見弱點模式包括 記憶體損壞、跨站腳本、SQL 注入與輸入驗證問題,在 生產負載與軟體部署 使用場景中可能帶來 記憶體損壞、檔案覆寫與工作階段劫持 等風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 120227 CVE 數
«« 第一頁 « 上一頁 第 1 / 12 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-0206 A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. [email protected] 4.9 0.50% 2026-04-29 2026-06-17
CVE-2026-0205 A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. [email protected] 6.8 0.43% 2026-04-29 2026-06-17
CVE-2026-0204 A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions. [email protected] 8.0 0.41% 2026-04-29 2026-06-17
CVE-2026-4116 Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication. [email protected] 7.2 0.42% 2026-04-09 2026-06-17
CVE-2026-4114 Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication. [email protected] 6.6 0.60% 2026-04-09 2026-06-17
CVE-2026-4113 An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials. [email protected] 7.2 0.36% 2026-04-09 2026-06-17
CVE-2026-4112 Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator. [email protected] 7.2 0.61% 2026-04-09 2026-06-17
CVE-2026-3470 A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database. [email protected] 3.8 0.32% 2026-03-31 2026-06-17
CVE-2026-3469 A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authenticated attacker as admin user to cause the application to become unresponsive. [email protected] 2.7 0.39% 2026-03-31 2026-06-17
CVE-2026-3468 A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code. [email protected] 4.8 0.23% 2026-03-31 2026-06-17
CVE-2026-3439 A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall. [email protected] 4.9 0.26% 2026-03-04 2026-06-17
CVE-2026-0402 A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. [email protected] 4.9 0.26% 2026-02-24 2026-06-17
CVE-2026-0401 A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. [email protected] 4.9 0.34% 2026-02-24 2026-06-17
CVE-2026-0400 A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall. [email protected] 4.9 0.40% 2026-02-24 2026-06-17
CVE-2026-0399 Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint. [email protected] 4.9 0.32% 2026-02-24 2026-06-17
CVE-2025-40602 KEV A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC). [email protected] 6.6 1.91% 2025-12-18 2026-06-17
CVE-2025-40605 A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path. [email protected] 5.3 0.29% 2025-11-20 2026-06-17
CVE-2025-40604 Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution. [email protected] 9.8 0.17% 2025-11-20 2026-06-17
CVE-2025-40601 A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. [email protected] 7.5 1.06% 2025-11-20 2026-06-17
CVE-2025-40603 A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data. [email protected] 4.5 0.38% 2025-10-31 2026-06-17
«« 第一頁 « 上一頁 第 1 / 12 頁 下一頁 »
cvelogic Threat Intelligence