What is CVE-2021-20042?

CVE-2021-20042 is a vulnerability that allows an unauthenticated remote attacker to use SMA 100 as an unintended proxy to bypass firewall rules.

Which SonicWall appliances are affected by CVE-2021-20042?

SMA 200, 210, 400, 410, and 500v appliances are affected by CVE-2021-20042.

What is the severity of CVE-2021-20042?

CVE-2021-20042 has a severity rating of 9.8 (critical).

How can an attacker exploit CVE-2021-20042?

An unauthenticated remote attacker can exploit CVE-2021-20042 by using SMA 100 as an undetectable proxy to bypass firewall rules.

Where can I find more information about CVE-2021-20042?

You can find more information about CVE-2021-20042 at the following link: [SonicWall PSIRT Advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026).

Vulnerability/
CVE-2021-20042

critical

9.8

CWE

441

8/12/2021

3/8/2024

CVE-2021-20042

First published: Wed Dec 08 2021(Updated: )

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Credit: PSIRT@sonicwall.com

Affected Software	Affected Version	How to fix
SonicWall SMA 200 firmware	=9.0.0.11-31sv
SonicWall SMA 200 firmware	=10.2.0.8-37sv
SonicWall SMA 200 firmware	=10.2.1.1-19sv
SonicWall SMA 200 firmware
SonicWall SMA 210	=9.0.0.11-31sv
SonicWall SMA 210	=10.2.0.8-37sv
SonicWall SMA 210	=10.2.1.1-19sv
SonicWall SMA 210 Firmware
SonicWall SMA 410	=9.0.0.11-31sv
SonicWall SMA 410	=10.2.0.8-37sv
SonicWall SMA 410	=10.2.1.1-19sv
SonicWall SMA 410
SonicWall SMA 400 firmware	=9.0.0.11-31sv
SonicWall SMA 400 firmware	=10.2.0.8-37sv
SonicWall SMA 400 firmware	=10.2.1.1-19sv
SonicWall SMA 400 firmware
SonicWall SMA 500v Firmware	=9.0.0.11-31sv
SonicWall SMA 500v Firmware	=10.2.0.8-37sv
SonicWall SMA 500v Firmware	=10.2.1.1-19sv
SonicWall SMA 500v Firmware

Never miss a vulnerability like this again

Reference Links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026

Frequently Asked Questions

What is CVE-2021-20042?
CVE-2021-20042 is a vulnerability that allows an unauthenticated remote attacker to use SMA 100 as an unintended proxy to bypass firewall rules.
Which SonicWall appliances are affected by CVE-2021-20042?
SMA 200, 210, 400, 410, and 500v appliances are affected by CVE-2021-20042.
What is the severity of CVE-2021-20042?
CVE-2021-20042 has a severity rating of 9.8 (critical).
How can an attacker exploit CVE-2021-20042?
An unauthenticated remote attacker can exploit CVE-2021-20042 by using SMA 100 as an undetectable proxy to bypass firewall rules.
Where can I find more information about CVE-2021-20042?
You can find more information about CVE-2021-20042 at the following link: [SonicWall PSIRT Advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026).

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/sonicwall
canonical/sonicwall sma 200 firmware
version/sonicwall sma 200 firmware/9.0.0.11-31sv
version/sonicwall sma 200 firmware/10.2.0.8-37sv
version/sonicwall sma 200 firmware/10.2.1.1-19sv
canonical/sonicwall sma 210
version/sonicwall sma 210/9.0.0.11-31sv
version/sonicwall sma 210/10.2.0.8-37sv
version/sonicwall sma 210/10.2.1.1-19sv
canonical/sonicwall sma 210 firmware
canonical/sonicwall sma 410
version/sonicwall sma 410/9.0.0.11-31sv
version/sonicwall sma 410/10.2.0.8-37sv
version/sonicwall sma 410/10.2.1.1-19sv
canonical/sonicwall sma 400 firmware
version/sonicwall sma 400 firmware/9.0.0.11-31sv
version/sonicwall sma 400 firmware/10.2.0.8-37sv
version/sonicwall sma 400 firmware/10.2.1.1-19sv
canonical/sonicwall sma 500v firmware
version/sonicwall sma 500v firmware/9.0.0.11-31sv
version/sonicwall sma 500v firmware/10.2.0.8-37sv
version/sonicwall sma 500v firmware/10.2.1.1-19sv