First published: Tue Oct 17 2023(Updated: )
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
Credit: PSIRT@sonicwall.com PSIRT@sonicwall.com
Affected Software | Affected Version | How to fix |
---|---|---|
SonicWall SonicOS | <7.0.1-5145 | |
Sonicwall Nsa2700 | ||
Sonicwall Nsa3700 | ||
Sonicwall Nsa4700 | ||
Sonicwall Nsa5700 | ||
Sonicwall Nsa6700 | ||
Sonicwall Nssp10700 | ||
Sonicwall Nssp11700 | ||
Sonicwall Nssp13700 | ||
Sonicwall Nssp15700 | ||
Sonicwall Nsv10 | ||
Sonicwall Nsv100 | ||
Sonicwall Nsv1600 | ||
Sonicwall Nsv200 | ||
Sonicwall Nsv25 | ||
Sonicwall Nsv270 | ||
Sonicwall Nsv300 | ||
Sonicwall Nsv400 | ||
Sonicwall Nsv470 | ||
Sonicwall Nsv50 | ||
Sonicwall Nsv800 | ||
Sonicwall Nsv870 | ||
Sonicwall Tz270 | ||
Sonicwall Tz270w | ||
Sonicwall Tz370 | ||
Sonicwall Tz370w | ||
Sonicwall Tz470 | ||
Sonicwall Tz470w | ||
Sonicwall Tz570 | ||
Sonicwall Tz570p | ||
Sonicwall Tz570w | ||
Sonicwall Tz670 | ||
SonicWall SonicOS | <6.5.4.4-44v-21-2340 | |
SonicWall SonicOS | <6.5.4.13-105n | |
Sonicwall Nsa 2600 | ||
Sonicwall Nsa 2650 | ||
Sonicwall Nsa 3600 | ||
Sonicwall Nsa 3650 | ||
Sonicwall Nsa 4600 | ||
Sonicwall Nsa 4650 | ||
Sonicwall Nsa 5600 | ||
Sonicwall Nsa 5650 | ||
Sonicwall Nsa 6600 | ||
Sonicwall Nsa 6650 | ||
Sonicwall Sm 9200 | ||
Sonicwall Sm 9250 | ||
Sonicwall Sm 9400 | ||
Sonicwall Sm 9450 | ||
Sonicwall Sm 9600 | ||
Sonicwall Sm 9650 | ||
Sonicwall Soho 250 | ||
Sonicwall Soho 250w | ||
Sonicwall Sohow | ||
Sonicwall Tz 300 | ||
Sonicwall Tz 300p | ||
Sonicwall Tz 300w | ||
Sonicwall Tz 350 | ||
Sonicwall Tz 400 | ||
Sonicwall Tz 400w | ||
Sonicwall Tz 500 | ||
Sonicwall Tz 500w | ||
Sonicwall Tz 600 | ||
Sonicwall Tz 600p |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-41712 is a SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint.
The severity of CVE-2023-41712 is medium with a severity value of 6.5.
SonicOS version up to and excluding 7.0.1-5145 is affected by CVE-2023-41712.
To fix CVE-2023-41712, update SonicOS to version 7.0.1-5145 or later.
More information about CVE-2023-41712 can be found at the following link: [https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012]