CVE-2021-20046: Buffer Overflow
First published: Fri Jan 07 2022(Updated: )
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall SonicOS | <=7.0.1-r146 | |
| Sonicwall Nsa 2650 | ||
| Sonicwall Nsa 2700 | ||
| Sonicwall Nsa 3650 | ||
| Sonicwall Nsa 3700 | ||
| Sonicwall Nsa 4650 | ||
| Sonicwall Nsa 4700 | ||
| Sonicwall Nsa 5650 | ||
| Sonicwall Nsa 6650 | ||
| Sonicwall Nsa 6700 | ||
| Sonicwall Nsa 9250 | ||
| Sonicwall Nsa 9450 | ||
| Sonicwall Nsa 9650 | ||
| Sonicwall Tz270 | ||
| Sonicwall Tz270w | ||
| Sonicwall Tz300 | ||
| Sonicwall Tz300p | ||
| Sonicwall Tz300w | ||
| Sonicwall Tz350 | ||
| Sonicwall Tz350w | ||
| Sonicwall Tz370 | ||
| Sonicwall Tz370w | ||
| Sonicwall Tz400 | ||
| Sonicwall Tz400w | ||
| Sonicwall Tz470 | ||
| Sonicwall Tz470w | ||
| Sonicwall Tz500 | ||
| Sonicwall Tz500w | ||
| Sonicwall Tz570 | ||
| Sonicwall Tz570p | ||
| Sonicwall Tz570w | ||
| Sonicwall Tz600 | ||
| Sonicwall Tz600p | ||
| Sonicwall Tz670 | ||
| SonicWall SonicOS | <=7.0.1-5023-1349 | |
| Sonicwall Nsv 10 | ||
| Sonicwall Nsv 100 | ||
| Sonicwall Nsv 1600 | ||
| Sonicwall Nsv 200 | ||
| Sonicwall Nsv 25 | ||
| Sonicwall Nsv 270 | ||
| Sonicwall Nsv 300 | ||
| Sonicwall Nsv 400 | ||
| Sonicwall Nsv 470 | ||
| Sonicwall Nsv 50 | ||
| Sonicwall Nsv 800 | ||
| Sonicwall Nsv 870 | ||
| SonicWall SonicOS | <=7.0.1-5018-r1715 | |
| Sonicwall Nssp 12400 | ||
| Sonicwall Nssp 12800 | ||
| Sonicwall Nssp 13700 | ||
| Sonicwall Nssp 15700 | ||
| SonicWall SonicOS | <=6.5.4.8-89n | |
| Sonicwall Soho 250w | ||
| Sonicwall Supermassive 9200 | ||
| Sonicwall Supermassive 9400 | ||
| Sonicwall Supermassive 9600 | ||
| Sonicwall Supermassive 9800 | ||
| SonicWall SonicOS | <=6.5.1.13-1n | |
| SonicWall SonicOS | <=6.0.5.3-94o | |
| Sonicwall Supermassive E10200 | ||
| Sonicwall Supermassive E10400 | ||
| Sonicwall Supermassive E10800 | ||
| SonicWall SonicOS | >=5.0.0.0<=5.9.1.13 | |
| Sonicwall Soho 250 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-20046?
CVE-2021-20046 is a stack-based buffer overflow vulnerability in the SonicOS HTTP Content-Length response header.
How does CVE-2021-20046 affect SonicOS firmware versions?
CVE-2021-20046 affects SonicOS Gen 5, Gen 6, and Gen 7 firmware versions.
What is the severity of CVE-2021-20046?
CVE-2021-20046 has a severity rating of 8.8 (high).
How can CVE-2021-20046 be exploited?
CVE-2021-20046 can be exploited by a remote authenticated attacker to cause denial of service (DoS) and potentially execute code in the firewall.
Where can I find more information about CVE-2021-20046?
You can find more information about CVE-2021-20046 at the following link: [SonicWall PSIRT](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027)
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall sonicos
- version/sonicwall sonicos/7.0.1-r146
- canonical/sonicwall nsa 2650
- canonical/sonicwall nsa 2700
- canonical/sonicwall nsa 3650
- canonical/sonicwall nsa 3700
- canonical/sonicwall nsa 4650
- canonical/sonicwall nsa 4700
- canonical/sonicwall nsa 5650
- canonical/sonicwall nsa 6650
- canonical/sonicwall nsa 6700
- canonical/sonicwall nsa 9250
- canonical/sonicwall nsa 9450
- canonical/sonicwall nsa 9650
- canonical/sonicwall tz270
- canonical/sonicwall tz270w
- canonical/sonicwall tz300
- canonical/sonicwall tz300p
- canonical/sonicwall tz300w
- canonical/sonicwall tz350
- canonical/sonicwall tz350w
- canonical/sonicwall tz370
- canonical/sonicwall tz370w
- canonical/sonicwall tz400
- canonical/sonicwall tz400w
- canonical/sonicwall tz470
- canonical/sonicwall tz470w
- canonical/sonicwall tz500
- canonical/sonicwall tz500w
- canonical/sonicwall tz570
- canonical/sonicwall tz570p
- canonical/sonicwall tz570w
- canonical/sonicwall tz600
- canonical/sonicwall tz600p
- canonical/sonicwall tz670
- version/sonicwall sonicos/7.0.1-5023-1349
- canonical/sonicwall nsv 10
- canonical/sonicwall nsv 100
- canonical/sonicwall nsv 1600
- canonical/sonicwall nsv 200
- canonical/sonicwall nsv 25
- canonical/sonicwall nsv 270
- canonical/sonicwall nsv 300
- canonical/sonicwall nsv 400
- canonical/sonicwall nsv 470
- canonical/sonicwall nsv 50
- canonical/sonicwall nsv 800
- canonical/sonicwall nsv 870
- version/sonicwall sonicos/7.0.1-5018-r1715
- canonical/sonicwall nssp 12400
- canonical/sonicwall nssp 12800
- canonical/sonicwall nssp 13700
- canonical/sonicwall nssp 15700
- version/sonicwall sonicos/6.5.4.8-89n
- canonical/sonicwall soho 250w
- canonical/sonicwall supermassive 9200
- canonical/sonicwall supermassive 9400
- canonical/sonicwall supermassive 9600
- canonical/sonicwall supermassive 9800
- version/sonicwall sonicos/6.5.1.13-1n
- version/sonicwall sonicos/6.0.5.3-94o
- canonical/sonicwall supermassive e10200
- canonical/sonicwall supermassive e10400
- canonical/sonicwall supermassive e10800
- version/sonicwall sonicos/5.0.0.0
- version/sonicwall sonicos/5.9.1.13
- canonical/sonicwall soho 250