CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2021-20038

CVSS 9.8v3.1pub. 2021-12-08upd. 2025-10-31

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sonicwall Sma 200

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma 200 Firmware

    OS
    Sonicwall
    10.2.0.8-37sv10.2.1.1-19sv10.2.1.2-24sv
  • Sonicwall Sma 210

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma 210 Firmware

    OS
    Sonicwall
    10.2.0.8-37sv10.2.1.1-19sv10.2.1.2-24sv
  • Sonicwall Sma 400

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma 400 Firmware

    OS
    Sonicwall
    10.2.0.8-37sv10.2.1.1-19sv10.2.1.2-24sv
  • Sonicwall Sma 410

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma 410 Firmware

    OS
    Sonicwall
    10.2.0.8-37sv10.2.1.1-19sv10.2.1.2-24sv
  • Sonicwall Sma 500v

    HW
    Sonicwall
    wszystkie wersje
  • Sonicwall Sma 500v Firmware

    OS
    Sonicwall
    10.2.0.8-37sv10.2.1.1-19sv10.2.1.2-24sv

CISA KEV — detailsi

Vendori
SonicWall
Producti
SMA 100 Appliances
Added to KEVi
January 28, 2022
Remediation deadline (US Federal)i
February 11, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 11 lutego 2022
Tags
Auth BypassMemory
CWE
References

Related vulnerabilities

CVE-2024-38475CRITICAL9.1⚠ KEVPL ✓ten sam produkt

Apache HTTP Server mod_rewrite — ujawnienie kodu i RCE poprzez błędne escapowanie

CVE-2021-20028CRITICAL9.8⚠ KEVten sam produkt

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure R...

CVE-2021-20016CRITICAL9.8⚠ KEVten sam produkt

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker ...

CVE-2025-40599CRITICAL9.1PL ✓ten sam produkt

SonicWall SMA 100 — nieautoryzowany upload pliku prowadzący do RCE

CVE-2022-22273CRITICAL9.8ten sam produkt

Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-lif...