RCE in Sonicwall Sma100

CVE-2020-5146

A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. This vulnerability affected SMA100 Appliance version 10.2.0.2-20sv and earlier.

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.023 (84.9th percentile) — read the EPSS interpretation.