What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2021-20035.

What is the severity of CVE-2021-20035?

The severity of CVE-2021-20035 is medium with a score of 6.5.

What is the affected software for CVE-2021-20035?

The affected software for CVE-2021-20035 includes Sonicwall SMA 200 Firmware, Sonicwall SMA 210 Firmware, Sonicwall SMA 400 Firmware, Sonicwall SMA 410 Firmware, and Sonicwall SMA 500v.

Where can I find more information about CVE-2021-20035?

You can find more information about CVE-2021-20035 at the following link: [Sonicwall Advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022)

Vulnerability/
CVE-2021-20035

medium

6.8

CWE

27/9/2021

3/8/2024

CVE-2021-20035: OS Command Injection

Q: How does CVE-2021-20035 impact the system?

CVE-2021-20035 allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, potentially leading to a denial of service (DoS) attack.

First published: Mon Sep 27 2021(Updated: )

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

Credit: PSIRT@sonicwall.com

Affected Software	Affected Version	How to fix
Sonicwall Sma 200 Firmware	<=9.0.0.10-28sv
Sonicwall Sma 200 Firmware	>=10.2.0.0<=10.2.0.7-34sv
Sonicwall Sma 200 Firmware	>=10.2.1.0<=10.2.1.0-17sv
Sonicwall Sma 200
Sonicwall Sma 210 Firmware	<=9.0.0.10-28sv
Sonicwall Sma 210 Firmware	>=10.2.0.0<=10.2.0.7-34sv
Sonicwall Sma 210 Firmware	>=10.2.1.0<=10.2.1.0-17sv
Sonicwall Sma 210
Sonicwall Sma 400 Firmware	<=9.0.0.10-28sv
Sonicwall Sma 400 Firmware	>=10.2.0.0<=10.2.0.7-34sv
Sonicwall Sma 400 Firmware	>=10.2.1.0<=10.2.1.0-17sv
Sonicwall Sma 400
Sonicwall Sma 410 Firmware	<=9.0.0.10-28sv
Sonicwall Sma 410 Firmware	>=10.2.0.0<=10.2.0.7-34sv
Sonicwall Sma 410 Firmware	>=10.2.1.0<=10.2.1.0-17sv
Sonicwall Sma 410
Sonicwall Sma 500v	<=9.0.0.10-28sv
Sonicwall Sma 500v	>=10.2.0.0<=10.2.0.7-34sv
Sonicwall Sma 500v	>=10.2.1.0<=10.2.1.0-17sv

Never miss a vulnerability like this again

Reference Links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-20035.
What is the severity of CVE-2021-20035?
The severity of CVE-2021-20035 is medium with a score of 6.5.
What is the affected software for CVE-2021-20035?
The affected software for CVE-2021-20035 includes Sonicwall SMA 200 Firmware, Sonicwall SMA 210 Firmware, Sonicwall SMA 400 Firmware, Sonicwall SMA 410 Firmware, and Sonicwall SMA 500v.
How does CVE-2021-20035 impact the system?
CVE-2021-20035 allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, potentially leading to a denial of service (DoS) attack.
Where can I find more information about CVE-2021-20035?
You can find more information about CVE-2021-20035 at the following link: [Sonicwall Advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022)

collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/author
agent/type
agent/event
agent/description
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/sonicwall
canonical/sonicwall sma 200 firmware
version/sonicwall sma 200 firmware/9.0.0.10-28sv
version/sonicwall sma 200 firmware/10.2.0.0
version/sonicwall sma 200 firmware/10.2.0.7-34sv
version/sonicwall sma 200 firmware/10.2.1.0
version/sonicwall sma 200 firmware/10.2.1.0-17sv
canonical/sonicwall sma 200
canonical/sonicwall sma 210 firmware
version/sonicwall sma 210 firmware/9.0.0.10-28sv
version/sonicwall sma 210 firmware/10.2.0.0
version/sonicwall sma 210 firmware/10.2.0.7-34sv
version/sonicwall sma 210 firmware/10.2.1.0
version/sonicwall sma 210 firmware/10.2.1.0-17sv
canonical/sonicwall sma 210
canonical/sonicwall sma 400 firmware
version/sonicwall sma 400 firmware/9.0.0.10-28sv
version/sonicwall sma 400 firmware/10.2.0.0
version/sonicwall sma 400 firmware/10.2.0.7-34sv
version/sonicwall sma 400 firmware/10.2.1.0
version/sonicwall sma 400 firmware/10.2.1.0-17sv
canonical/sonicwall sma 400
canonical/sonicwall sma 410 firmware
version/sonicwall sma 410 firmware/9.0.0.10-28sv
version/sonicwall sma 410 firmware/10.2.0.0
version/sonicwall sma 410 firmware/10.2.0.7-34sv
version/sonicwall sma 410 firmware/10.2.1.0
version/sonicwall sma 410 firmware/10.2.1.0-17sv
canonical/sonicwall sma 410
canonical/sonicwall sma 500v
version/sonicwall sma 500v/9.0.0.10-28sv
version/sonicwall sma 500v/10.2.0.0
version/sonicwall sma 500v/10.2.0.7-34sv
version/sonicwall sma 500v/10.2.1.0
version/sonicwall sma 500v/10.2.1.0-17sv

CVE-2021-20035: OS Command Injection

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?

What is the severity of CVE-2021-20035?

What is the affected software for CVE-2021-20035?

How does CVE-2021-20035 impact the system?

Where can I find more information about CVE-2021-20035?

Company

Resources

Contact