SonicWall SonicOS
69 CVEs affecting SonicWall SonicOS. Latest disclosed: 2026-04-29. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-3596 | Critical | 9.0 | 2024-07-09 | RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access… |
| CVE-2026-0204 | High | 8.0 | 2026-04-29 | A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions. |
| CVE-2026-0205 | Medium | 6.8 | 2026-04-29 | A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. |
| CVE-2026-0206 | Medium | 4.9 | 2026-04-29 | A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. |
| CVE-2026-3439 | | | 2026-03-04 | A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall. |
| CVE-2026-0402 | | | 2026-02-24 | A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. |
| CVE-2026-0401 | | | 2026-02-24 | A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. |
| CVE-2026-0400 | | | 2026-02-24 | A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall. |
| CVE-2026-0399 | | | 2026-02-24 | Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in an API endpoint. |
| CVE-2025-40601 | | | 2025-11-20 | A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which coul… |
| CVE-2025-40600 | | | 2025-07-29 | Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. |
| CVE-2025-32818 | | | 2025-04-23 | A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potent… |
| CVE-2024-12802 | | | 2025-01-09 | SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager… |
| CVE-2024-12806 | | | 2025-01-09 | A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file. |
| CVE-2024-12805 | | | 2025-01-09 | A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. |
| CVE-2024-12803 | | | 2025-01-09 | A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to cod… |
| CVE-2024-40765 | | | 2025-01-09 | An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and po… |
| CVE-2024-53706 | | | 2025-01-09 | A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potenti… |
| CVE-2024-53705 | | | 2025-01-09 | A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on… |
| CVE-2024-53704 | | | 2025-01-09 | An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. |