Vulnerability in Sonicwall Sma100

CVE-2021-20041

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 2…

EPSS: 0.013 (80.2th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sma100 — versions 9.0.0.11-31sv and earlier, 10.2.0.8-37sv and earlier, 10.2.1.1-19sv and earlier

Weakness classification (CWE)

CWE-835 — Loop with Unreachable Exit Condition (Infinite Loop)

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 (x_refsource_CONFIRM)