CVE-2021-20048

Published: Jan 7, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

Vendor	Product	Versions
SonicWall	SonicOS	affected `7.0.1-R146 and earlier` affected `7.0.1-5023-1349 and earlier` affected `7.0.1-5018-R1715 and earlier` affected `6.5.4.8-89n and earlier` affected `6.5.1.13-1n and earlier` +3 more versions

Weaknesses (CWE)

CWE-121

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-20048

Description

Affected Products

Weaknesses (CWE)

References