First published: Wed Dec 08 2021(Updated: )
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Credit: PSIRT@sonicwall.com
Affected Software | Affected Version | How to fix |
---|---|---|
SonicWall SMA 200 | =10.2.0.8-37sv | |
SonicWall SMA 200 | =10.2.1.1-19sv | |
SonicWall SMA 200 firmware | ||
SonicWall SMA 210 | =10.2.0.8-37sv | |
SonicWall SMA 210 | =10.2.1.1-19sv | |
SonicWall SMA 210 Firmware | ||
SonicWall SMA 410 | =10.2.0.8-37sv | |
SonicWall SMA 410 | =10.2.1.1-19sv | |
SonicWall SMA 410 | ||
SonicWall SMA 400 | =10.2.0.8-37sv | |
SonicWall SMA 400 | =10.2.1.1-19sv | |
SonicWall SMA 400 firmware | ||
SonicWall SMA 500v Firmware | =10.2.0.8-37sv | |
SonicWall SMA 500v Firmware | =10.2.1.1-19sv | |
SonicWall SMA 500v Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-20044 is a post-authentication remote command injection vulnerability in SonicWall SMA100 that allows a remote authenticated attacker to execute OS system commands in the appliance.
CVE-2021-20044 affects SonicWall SMA 200, 210, 400, 410, and 500v appliances.
CVE-2021-20044 has a severity rating of 8.8, which is considered critical.
To fix CVE-2021-20044, it is recommended to apply the latest firmware updates provided by SonicWall.
You can find more information about CVE-2021-20044 on the SonicWall PSIRT website.