What is CVE-2022-22274?

CVE-2022-22274 is a vulnerability in Sonicwall Sonicos, classified under Stack-based Buffer Overflow. Published 2022-03-25.

Is CVE-2022-22274 known to be exploited?

16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Sonicwall Sonicos

CVE-2022-22274

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

Vulnerability class: Buffer Overflow

EPSS: 0.573 (98.9th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sonicos — versions SonicOS 7.0.1-5050 and earlier, SonicOS 7.0.1-R579 and earlier, SonicOSv 6.5.4.4-44v-21-1452 and earlier

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-22274?: CVE-2022-22274 is a vulnerability in Sonicwall Sonicos, classified under Stack-based Buffer Overflow. Published 2022-03-25.
Is CVE-2022-22274 known to be exploited?: 16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.