What is CVE-2021-20046?

CVE-2021-20046 is a stack-based buffer overflow vulnerability in the SonicOS HTTP Content-Length response header.

How does CVE-2021-20046 affect SonicOS firmware versions?

CVE-2021-20046 affects SonicOS Gen 5, Gen 6, and Gen 7 firmware versions.

What is the severity of CVE-2021-20046?

CVE-2021-20046 has a severity rating of 8.8 (high).

Where can I find more information about CVE-2021-20046?

You can find more information about CVE-2021-20046 at the following link: [SonicWall PSIRT](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027)

Vulnerability/
CVE-2021-20046

high

8.8

CWE

787 121 119

7/1/2022

3/8/2024

CVE-2021-20046: Buffer Overflow

Q: How can CVE-2021-20046 be exploited?

CVE-2021-20046 can be exploited by a remote authenticated attacker to cause denial of service (DoS) and potentially execute code in the firewall.

First published: Fri Jan 07 2022(Updated: )

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.

Credit: PSIRT@sonicwall.com

Affected Software	Affected Version	How to fix
SonicWall SonicOS	<=7.0.1-r146
SonicWall NSA 2650
SonicWall NSA 2700
SonicWall NSA 3650 Firmware
SonicWall NSA 3700 Firmware
SonicWall NSA 4650 Firmware
SonicWall NSA 4700
SonicWall NSA 5650
SonicWall NSA 6650
SonicWall NSA 6700 Firmware
SonicWall NSA 9250
SonicWall NSA 9450
SonicWall NSA 9650
SonicWall TZ270
SonicWall TZ270W Firmware
SonicWall TZ300 Firmware
SonicWall TZ300P Firmware
SonicWall TZ300W Firmware
SonicWall TZ350 Firmware
SonicWall TZ350W Firmware
SonicWall TZ370
SonicWall TZ370W Firmware
SonicWall TZ400W Firmware
SonicWall TZ400W Firmware
SonicWall TZ470 Firmware
SonicWall TZ470W Firmware
SonicWall TZ500W
SonicWall TZ500W Firmware
SonicWall TZ570 Firmware
SonicWall TZ570P Firmware
SonicWall TZ570W Firmware
SonicWall TZ600
SonicWall TZ 600P
SonicWall TZ670 Firmware
SonicWall SonicOS	<=7.0.1-5023-1349
SonicWall NSV 10 Firmware
SonicWall NSV 100 Firmware
SonicWall NSV 1600
SonicWall NSv
SonicWall NSv 25
SonicWall NSV 270
SonicWall NSV 300
SonicWall NSV 400 Firmware
SonicWall NSV 470 Firmware
SonicWall NSV 50 Firmware
SonicWall NSV800
SonicWall NSv 870
SonicWall SonicOS	<=7.0.1-5018-r1715
SonicWall NSSP 12400 Firmware
SonicWall NSSP 12800 Firmware
SonicWall NSSP 13700
SonicWall NSSP 15700
SonicWall SonicOS	<=6.5.4.8-89n
SonicWall SOHO 250W Firmware
SonicWall SuperMassive 9200
SonicWall SuperMassive 9400
SonicWall SuperMassive 9600
SonicWall SuperMassive 9800
SonicWall SonicOS	<=6.5.1.13-1n
SonicWall SonicOS	<=6.0.5.3-94o
SonicWall SuperMassive E10200
SonicWall SuperMassive E10400
SonicWall SuperMassive E10800
SonicWall SonicOS	>=5.0.0.0<=5.9.1.13
SonicWall SOHO 250W

Never miss a vulnerability like this again

Reference Links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027

Frequently Asked Questions

What is CVE-2021-20046?
CVE-2021-20046 is a stack-based buffer overflow vulnerability in the SonicOS HTTP Content-Length response header.
How does CVE-2021-20046 affect SonicOS firmware versions?
CVE-2021-20046 affects SonicOS Gen 5, Gen 6, and Gen 7 firmware versions.
What is the severity of CVE-2021-20046?
CVE-2021-20046 has a severity rating of 8.8 (high).
How can CVE-2021-20046 be exploited?
CVE-2021-20046 can be exploited by a remote authenticated attacker to cause denial of service (DoS) and potentially execute code in the firewall.
Where can I find more information about CVE-2021-20046?
You can find more information about CVE-2021-20046 at the following link: [SonicWall PSIRT](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027)

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/sonicwall
canonical/sonicwall sonicos
version/sonicwall sonicos/7.0.1-r146
canonical/sonicwall nsa 2650
canonical/sonicwall nsa 2700
canonical/sonicwall nsa 3650 firmware
canonical/sonicwall nsa 3700 firmware
canonical/sonicwall nsa 4650 firmware
canonical/sonicwall nsa 4700
canonical/sonicwall nsa 5650
canonical/sonicwall nsa 6650
canonical/sonicwall nsa 6700 firmware
canonical/sonicwall nsa 9250
canonical/sonicwall nsa 9450
canonical/sonicwall nsa 9650
canonical/sonicwall tz270
canonical/sonicwall tz270w firmware
canonical/sonicwall tz300 firmware
canonical/sonicwall tz300p firmware
canonical/sonicwall tz300w firmware
canonical/sonicwall tz350 firmware
canonical/sonicwall tz350w firmware
canonical/sonicwall tz370
canonical/sonicwall tz370w firmware
canonical/sonicwall tz400w firmware
canonical/sonicwall tz470 firmware
canonical/sonicwall tz470w firmware
canonical/sonicwall tz500w
canonical/sonicwall tz500w firmware
canonical/sonicwall tz570 firmware
canonical/sonicwall tz570p firmware
canonical/sonicwall tz570w firmware
canonical/sonicwall tz600
canonical/sonicwall tz 600p
canonical/sonicwall tz670 firmware
version/sonicwall sonicos/7.0.1-5023-1349
canonical/sonicwall nsv 10 firmware
canonical/sonicwall nsv 100 firmware
canonical/sonicwall nsv 1600
canonical/sonicwall nsv
canonical/sonicwall nsv 25
canonical/sonicwall nsv 270
canonical/sonicwall nsv 300
canonical/sonicwall nsv 400 firmware
canonical/sonicwall nsv 470 firmware
canonical/sonicwall nsv 50 firmware
canonical/sonicwall nsv800
canonical/sonicwall nsv 870
version/sonicwall sonicos/7.0.1-5018-r1715
canonical/sonicwall nssp 12400 firmware
canonical/sonicwall nssp 12800 firmware
canonical/sonicwall nssp 13700
canonical/sonicwall nssp 15700
version/sonicwall sonicos/6.5.4.8-89n
canonical/sonicwall soho 250w firmware
canonical/sonicwall supermassive 9200
canonical/sonicwall supermassive 9400
canonical/sonicwall supermassive 9600
canonical/sonicwall supermassive 9800
version/sonicwall sonicos/6.5.1.13-1n
version/sonicwall sonicos/6.0.5.3-94o
canonical/sonicwall supermassive e10200
canonical/sonicwall supermassive e10400
canonical/sonicwall supermassive e10800
version/sonicwall sonicos/5.0.0.0
version/sonicwall sonicos/5.9.1.13
canonical/sonicwall soho 250w

CVE-2021-20046: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-20046?

How does CVE-2021-20046 affect SonicOS firmware versions?

What is the severity of CVE-2021-20046?

How can CVE-2021-20046 be exploited?

Where can I find more information about CVE-2021-20046?

Company

Resources

Contact