QwikSec

Security Database

CVE

CWE

Training

CVE-2024-40766

Published: Aug 23, 2024

Modified: Oct 21, 2025

PUBLISHED

Description

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

Vendor	Product	Versions
SonicWall	SonicOS	affected `5.9.2.14-12o and older versions` affected `6.5.4.14-109n and older versions` affected `7.0.1-5035 and older versions`

Weaknesses (CWE)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.